Embark on your journey to Cyber Essentials and Cyber Essentials Plus certifications with Kris Hermans' comprehensive guide.
Achieving Cyber Essentials certification is a significant step towards demonstrating your organization's commitment to cybersecurity. Kris Hermans, a recognized authority in cybersecurity, offers a definitive resource for understanding the certification process and successfully achieving these important credentials.
Mastering Cyber Essentials
1. Introduction
- Understanding Cyber Essentials
- The Importance of Cyber security
2. Cyber Essentials: The Essentials
- Overview of Cyber Essentials and Cyber Essentials Plus
- Benefits of Cyber Essentials Certification
- The Five Key Controls
3. Starting Your Cyber Essentials Journey
- Assessing Your Current Situation
- Building a Cyber Essentials Implementation Team
- Developing an Implementation Roadmap
4. Control 1: Secure Configuration
- Securing Hardware and Software
- Implementing Configuration Management
- Patch Management
- System Hardening
5. Control 2: Boundary Firewalls and Internet Gateways
- Understanding Firewalls and Internet Gateways
- Configuring Firewalls and Gateways
- Monitoring and Maintenance
6. Control 3: Access Control and Privilege Management
- Implementing Access Control Policies
- Managing User Accounts
- Privileged Account Management
- Monitoring and Reviewing Access Controls
7. Control 4: Malware Protection
- Types of Malware and Threats
- Anti-Malware Software and Tools
- Regular Scanning and Updating
- User Education and Awareness
8. Control 5: Patch Management
- The Importance of Patch Management
- Identifying and Prioritizing Patches
- Patch Deployment and Verification
- Patch Management Tools
9. Cyber Essentials Plus
- Understanding the Differences between Cyber Essentials and Cyber Essentials Plus
- The Assessment Process
- Preparing for a Cyber Essentials Plus Assessment
10. Employee Training and Awareness
- Establishing a Cybersecurity Training Program
- Training Content and Frequency
- Measuring Training Success
11. Incident Management and Response
- Developing an Incident Response Plan
- Incident Reporting and Escalation
- Post-Incident Review and Lessons Learned
12. Continuous Improvement
- Identifying Opportunities for Improvement
- Implementing Changes and Updates
- Monitoring and Reviewing Cybersecurity Practices
13. Certification and Accreditation
- Selecting a Certification Body
- Preparing for the Cyber Essentials Assessment
- Maintaining Certification
14. Tools and Resources for Cyber Essentials Implementation
- Cybersecurity Software Solutions
- External Cyber Essentials Consultants and Services
- Cyber Essentials Templates and Checklists
15. Conclusion
- Building a Cybersecure Culture
- Beyond Cyber Essentials: Other Security Standards and Frameworks
- The Future of Cybersecurity
16. About the author