Since it launched back in 2014, Cyber Essentials has become the cyber security standard for companies and organisations to strive to. The government-backed scheme from the National Cyber Security Centre (NCSC) is the best way to show customers or clients that you’re committed to keeping their information secure and guard against some of the most common online threats. Ahead of the next update to the Cyber Essentials, we’ve put together a series of blogs on the biggest changes.

What’s happening?

With cybercrime becoming more elaborate, and the workplace landscape shifting in recent years, the NCSC has had to adapt and evolve, hence a host of new requirements. The new ways of working have also brought new risks, and those looking to attain Cyber Essentials will have to meet these requirements, which are set to come into force on 24th January 2022.

The rise in the number of people working from home has led to an increase in cyber security challenges, which in turn has led to one of the main updates to Cyber Essentials: from January, home workers’ routers won’t fall under the scope of the scheme.

What do I need to do?

One of the key requirements of Cyber Essentials is that all devices that connect to the internet must be protected with a firewall. With this update, the firewall must be on home workers’ devices, such as laptops, tablets, and smartphones, rather than their router. Unless, that is, the router was supplied by their employer - if that’s the case, then the router will be included in the scope of Cyber Essentials, and must have a firewall.

It’s up to the employer, then, to ensure that all devices that could possibly be used to access company data must be in line with the Cyber Essentials requirements. If home workers use a corporate Virtual Private Network (VPN), however, this will move the boundary of scope to the corporate firewall or the virtual cloud firewall rather than the user’s home.

For more information, check out the rest of our series of blogs on the Cyber Essentials updates - keep an eye out for them. To find out more, or get some advice on how to make the necessary updates to your business to be in line with the new requirements, get in touch.