I was wondering what people think of https://www.cyberessentials.ncsc.gov.uk/
It’s a UK government scheme that involves a very basic “audit”, signed off by an accredited partner, that gets you a badge for your website, for £200+ per year.
Has anyone got that badge already? We feel like it’s a bit basic for techies like us - there is a more advanced but more costly version too. I guess that no co-techers are accredited to do those audits?
The badge is a very accessible symbol that demonstrates to clients that you have basic “cyber” security in place. So it might be useful, but we don’t feel that £200/year to check that we return a simple questionnaire is value for money - I was wondering whether anyone in CoTech might be interested in looking at alternatives…?
We’ve come across Cyber Essentials in the context of applying for opportunities on the Digital Outcomes & Specialists framework, but although buyers can require it, I don’t think they can require it until the contract stage and so we’ve always taken the view that we could easily get the certification if we wanted to, but have chosen not to spent the £200 (?) until we get to that stage. We have previously put a bid in for an opportunity in conjunction with another agency and they chose to get certified and it didn’t take them long. Historically, we haven’t been big fans of certifications for some of the reasons you mention.
Yes, I think it’s easy to get the badge, and also not really aimed at tech orgs like us lot.
But it, or an equivalent certification, would be handy for small orgs like us without lots of resources to spend on demonstrating this sort of basic stuff.