- "기밀 VM의 빈틈을 메운다" 마이크로소프트의 오픈소스 파라바이저 '오픈HCL'란?
- The best early Black Friday AirPods deals: Shop early deals
- The 19 best Black Friday headphone deals 2024: Early sales live now
- I tested the iPad Mini 7 for a week, and its the ultraportable tablet to beat at $100 off
- The best Black Friday deals 2024: Early sales live now
Cyber Essentials Set for Major Changes in 2022
The UK government’s best practice cybersecurity framework is set to undergo the “biggest overhaul” of its technical controls since it was introduced in 2014, the National Cyber Security Centre (NCSC) has warned.
Cyber Essentials offers a simple set of steps that organizations can sign-up to and be certified against to prevent the most common cyber-threats. It’s available in a basic self-assessment version and a Cyber Essentials Plus scheme requiring hands-on technical verification by a third-party.
It covers areas such as firewalls, secure configuration, access controls and malware protection.
The new version of the program’s technical requirements will be officially released on January 24 2022.
“Any assessments already underway, or that begin before that date, will continue to use the current technical standard, meaning that in-progress certifications will not be affected. Organizations using the current standard will have six months from January 24 to complete the assessment,” the NCSC said.
“All Cyber Essentials applications starting on or after January 24 will use the updated version of requirements. We recognize that some organizations may need to make extra efforts when assessed against the new standards, so there will be a grace period of up to 12 months for some of the requirements.”
After consultation with assessors, applicants and the Cloud Industry Forum, the changes were brought in and are deemed essential to ensuring the program remains relevant amidst a fast-moving technology and threat landscape.
It also signals a more regular review process for the controls in the future, the NCSC claimed.
Among the new requirements are updates in areas such as home working, cloud services, BYOD, think clients and multi-factor authentication.
There’s also a new FAQs page and a technical blog from delivery partner IASME for further information