About us

Cyber Essentials Plus

The Cyber Essentials scheme has been developed by Government and industry to fulfil two functions. It provides a clear statement of the basic controls all organisations should implement to mitigate the risk from common internet-based threats, within the context of the Government’s 10 Steps to Cyber Security.

Through the Assurance Framework it offers a mechanism for organisations to demonstrate to customers, investors, insurers and others that they have taken these essential precautions. Cyber Essentials offers a sound foundation of basic hygiene measures that all types of organisations can implement and potentially build upon. Government believes that implementing these measures can significantly reduce an organisation’s vulnerability.

However, it does not offer a silver bullet to remove all cyber security risk; for example, it is not designed to address more advanced, targeted attacks and hence organisations facing these threats will need to implement additional measures as part of their security strategy. What Cyber Essentials does do is define a focused set of controls which will provide cost-effective, basic cyber security for organisations of all sizes.

CYFOR are accredited with the IASME Governance Gold Award and are a trained and licensed certification body for both the Government’s Cyber Essentials Scheme and the IASME Governance standard. By gaining the Audited IASME Governance certificate CYFOR have achieved IASME’s highest level of certification, which provides assurance to customers and suppliers that our security has been audited by a skilled, independent third-party.

IASME Governance Standard

The IASME Governance standard, based on international best practice, is risk-based and includes aspects such as physical security, staff awareness, and data backup. It was recently recognised as the best cyber security standard for small companies by the UK Government when in consultation with trade associations and industry groups. The assessment includes a Cyber Essentials assessment and GDPR requirements, which is available either as a self-assessment or on-site audit.

The standard was developed over several years during a government funded project to create a cyber security standard which would be an affordable and achievable alternative to the international standard, ISO27001. The standard allows small companies to demonstrate their level of cyber security for a realistic cost and indicates that they are taking good steps to properly protect their customers information.

Expert Witness

As digital forensic professionals, CYFOR are frequently called upon by courts of law to provide expert witness testimonies within legally aided and civil dispute matters. Our investigators are consummate professionals, providing independent and objective reports on whatever case they may handle. If required to support their investigation in a court of law, this professionalism is carried through to any evidence given. All CYFOR investigators receive regular courtroom training provided by Bond Solon. We are Law Society Registered and approved as Expert Witnesses by several regulatory bodies throughout the UK.