Farsight is pleased to announce that we have achieved Cyber Essentials certification, which underlines our ongoing commitment cyber security.
In our recent article ‘Cyber Crime and Threats to Business Security‘ we outlined the fact that according to a report from the Centre for Economics and Business Research (CEBRE), cyber attacks are costing UK firms an ‘eye watering’ £34 billion. However, analysis of past cyber attacks showed that 85% of the most common cyber attacks could have been prevented by achieving the fundamental cyber hygiene.
That is why the Government worked with the Information Assurance for Small and Medium Enterprises (IASME) consortium and the Information Security Forum (ISF) to develop Cyber Essentials, a set of basic technical controls to help organisations protect themselves against common online security threats. The Cyber Essential Certification scheme was launched in 2014 and has become a mandatory certification for businesses working with public sector organisations.
Cyber Essentials Certification Controls
Cyber Essential Certification provides an assurance framework that is evaluated across five main technical controls:
1. Internet gateways and Boundary firewalls
A firewall is software or firmware that prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a set of rules to identify and block threats. The controls you need to apply will include changing any default/admin passwords, ensuring firewalls are properly set up etc.
Secure configuration refers to security measures that are implemented when building and installing computers and network devices in order to reduce unnecessary cyber vulnerabilities. Security misconfigurations are one of the most common gaps that criminal hackers look to exploit.
3. Access control
A huge number of data and cyber breaches occur from abuse of administrative user accounts in a business. Access control should aim to only let certain individuals have special access privileges according to their position and responsibilities. Companies can look to manage this by performing a number of controls, such as having unique usernames and passwords, and keeping all account information in a secure, protected location.
4. Malware protection
Malware is any software (programme or virus) intentionally designed to cause damage to a computer, server, client, or computer network. Organisations should at a minimum look to protect all computers that are connected to the internet, including having up-to-date malware software as well as setting regular scans to ensure early detection of malware.
5. Patch management
Patches are updates changing the code of existing programs to fix potential security vulnerabilities or other issues. If software is not updated with the latest patches, unfixed vulnerabilities can become weak spot used to gain access to your computer systems or networks. Patch management aims to remove out-of-date software and ensure all security patches are updated when they become available.
Why is Cyber Essentials Certification important to Farsight?
– Our Cyber Essentials Certification gives both us and our clients the peace of mind that our defences will protect against the vast majority of common cyber attacks. In fact, many attacks are looking for targets which do not have the Cyber Essentials technical controls in place. Farsight’s mantra is our commitment to vigilance and that includes protecting ours’ and our clients’ data online.
– We work with public sector clients, where the Cyber Essentials certification is now mandatory to demonstrate a commitment to cyber security.
– In addition, as a leading Alarm Receiving Centre (ARC) we are looking forward to the roll out of the Electronic Call Handling Operations (ECHO) in early 2021. Alarm installations installed by police recognised approved companies and monitored by approved alarm receiving centres (ARCs)/ monitoring centres can be ECHO-connected, but must also be Cyber Essential Certified.
ECHO is the alarm industry’s response to the NPCC’s desire to speed up the police response to verified alarm activations through use of digital automated alarm transmission technology.
Its digital communications hub provides automatic transfer to police control rooms of confirmed intruder and hold-up alarm activations, faster alarm verification, accurate incident information and automated event incident acknowledgement. ECHO will offer a range of benefits for all aspects of alarm monitoring and alarm signalling to assist ARCs and their blue light service collaborators, to better manage risk while operating in more efficient and sustainable ways.
– Farsight also feel it important to demonstrate our commitment to cyber security with our Cyber Essential certification to our security security accreditor – SSAIB and our alarm signalling partners – CSL and BT Redcare who have partnered with ECHO.
Want to work with us?
If you would like to speak to the Farsight team about our remote monitoring services, which include CCTV monitoring, alarm monitoring, lone worker protection and access control – please get in touch here: contact us or call 0845 371 0101
Stay in the loop
Farsight regularly publish updates, tips and articles relating to security issues across a range of industry sectors. If you want to stay in the know, why not subscribe to our newsletter below…