Securing the Digital Frontier: Procurement Policy Note: Updates to the Cyber essentials Scheme 9/2023
In an increasingly interconnected world, safeguarding sensitive information is paramount. The UK Government recognizes this and has taken a proactive stance to protect its digital assets and data. Once significant step taken in 2014 is the requirement for suppliers applying for procurement types to demonstrate appropriate cyber security controls and to mitigate cybersecurity risk in supply chains.
Procurement Policy Note: Updates to the Cyber Essentials Scheme, issued in September 2023 provides an update to the requirements set in PPN 09/14 and sets out the actions organizations should take to identify and mitigate cyber threats, along with resources to support implementation.
According to the updated PPN 09/2023 the quickest and most effective means of mitigating risks associated with such contracts, is for the technical requirements to include either Cyber Essentials or Cyber Essentials Plus Certification. Where Cyber Essentials certification is required, it must be renewed annually by the supplier for the duration of the contract.
Click HERE to register for our free Webinar.
Why does Cyber Essentials certification matter?
- Cyber Essentials: This scheme, developed by the National Cyber Security Centre (NCSC), sets out fundamental security practices that organizations should implement to protect against common cyber threats. It covers areas such as firewalls, secure configuration, access control, malware protection, and patch management. Achieving Cyber Essentials certification is not just a compliance requirement; it's a smart move for any organization aiming to fortify its cyber defenses.
- Government's Commitment to Security: The government's insistence on Cyber Essentials certification for suppliers underscores its commitment to data security. It ensures that organizations partnering with the government meet minimum cybersecurity standards, reducing the risk of cyberattacks and data breaches.
- A Broader Impact: Beyond government contracts, Cyber Essentials certification is a badge of trust that can open doors to new opportunities. It demonstrates your commitment to cybersecurity to clients, partners, and stakeholders, building confidence in your ability to protect sensitive information.
- Staying Ahead: The threat landscape is constantly evolving. By adhering to Cyber Essentials principles, organizations not only meet government requirements but also position themselves at the forefront of cybersecurity best practices. This proactive approach can prevent costly breaches and protect reputation.
- A Collective Effort: In an era where cybersecurity is a shared responsibility, we all play a role in building a safer digital environment. I encourage organizations, whether dealing directly with the government or not, to consider Cyber Essentials certification as a foundational step toward a more secure future.
To learn more details on the topic, please visit our webinar:
Title: Construction Industry and New cybersecurity requirements highlight for successful tenders.
Date: 17th of January.
Time: 3 pm.
Duration: 1 Hour.
Hosted by our CEO, Mr. Ivan Yordanov, on ZOOM.
Click HERE to register for our free Webinar.
