Categories
Uncategorized

Defining the scope of your Cyber Essentials submission

  Defining the scope of your Cyber Essentials assessment will be difficult. Ideally it should to be done right at the beginning of the process and should apply to the whole organisation. Most likely though, it will develop as the answers to the section questions are collected and developed, and determining if mitigation is required […]

Categories
Uncategorized

Starting along the road to attaining Cyber Essentials accreditation

  Cyber Essentials (CE) is a base level security accreditation that demonstrates a security posture that is compliant the National Cyber Security Centre (NCSC) recommended guidelines for small to medium enterprises (SME). It allows funders, customers and staff to have confidence that organisational policy, processes, user practices and IT infrastructure provide a risk assessed and […]

Categories
Uncategorized

Cyber Essentials requirement for ESFA funding, the story so far.

  The Education and Skills Funding Agency (ESFA) had initially amended the contract for those who receive that funding to attain the ISO27001 Information Security Management certification. Jisc and the AoC made representations citing that the scale of work, redirection of resource and the very short time frame was an unrealistic expectation for the sector.  […]

Categories
Uncategorized

Is your organisation Wi-Fi a security incident waiting to happen?

Working for Jisc means that I’m increasingly on-the-road, which inevitably makes me a user of more and more Wi-Fi Hotspots; whether they be at the offices, campus or buildings of our Jisc members, at hotels, cafes, or on public transport. I continue to be surprised at the compromises that are being made to deliver Wi-Fi, either compromising security, […]