The UK government’s Cyber Essentials certification aims to get the UK up to speed with consistent cybersecurity controls, establishing a higher level of cybersecurity and resilience across the UK.
Operated by the United Kingdom National Cyber Security Centre (NCSC) In April 2023, the Cyber Essentials framework was updated to reflect modern cybersecurity challenges, including principles like zero trust, securing “bring your own device” (BYOD), and providing secure access to cloud services. Cyber Essentials provides a modern, practical framework for organisations of all sizes to mitigate cyber attacks and reassure potential customers and suppliers that essential controls are in place. Now a mandatory requirement for any organisation supplying services to the UK public sector, over 130,000 certificates have been awarded since its inception in 2014.
Why choose Netskope for Cyber Essentials?
Netskope’s unified secure access service edge (SASE) platform, Netskope One, provides support for the five core technical controls defined by the UK National Cyber Security Centre (NCSC) that are essential for achieving Cyber Essentials certification.
The Netskope guide to Cyber Essentials certification is available here, but let me walk through the headlines of how these recommendations map onto Netskope’s approach and technology with a brief summary:
Firewall controls
With the rise of adversaries targeting popular SaaS applications, protecting every device and application–whether managed or unmanaged–has become critical. Netskope’s dual-engine approach, combining a cloud firewall with a Next Generation Secure Web Gateway (NG-SWG), delivers comprehensive protection exactly where it’s needed. This approach effectively handles both web and non-web traffic by applying security policies directly to egress traffic, without the need for backhauling through on-premises infrastructure. As a result, users enjoy a faster experience, while the organisation benefits from robust, real-time threat detection and support for hybrid applications like Microsoft Teams and Zoom, which use different ports and protocols. This ensures that every user is protected by a properly configured firewall, significantly reducing the risk of cyber threats.
Secure configuration
By keeping those systems securely configured, you lower the risk of cyber attackers breaking in and causing harm. This involves removing unnecessary software or user accounts, changing default passwor