Freely subscribe to our NEWSLETTER

By successfully going through a Cyber Essentials assessment, organisations not only lower their risk of serious data and financial loss, but by displaying the Cyber Essentials’ badge they demonstrate to customers that they have taken steps to be fundamentally cyber safe.

Ian Kilpatrick, chairman Wick Hill Group, commented: ”We believe we are the first security distributor in the UK to achieve this certification. Cyber Essentials is an important government-driven initiative to ensure cyber security for organisations. Commercially, it is also mandated for organisations bidding for a range of government contracts.

“For channel partners, this accreditation not only proves their own security, but it also demonstrates their security awareness to their customers. For organisations, it provides a stronger measure of security, than those with the lower level PCI certification, particularly level 4. And organisations can also have greater confidence in cyber security if they buy from suppliers who are certified.”

The certification was awarded to Wick Hill following an evaluation of its security by Sec-1 Ltd. Sec-1 is accredited by CREST[1] to carry out Cyber Essentials certification services. “We enjoyed working with Wick Hill to help them achieve the Cyber Essentials certification and applaud their initiative,” said Ben Thornhill of Sec-1. “Cyber Essentials focusses attention on key areas of security and provides real assurance that Wick Hill has appropriate measures in place to secure data.”

In order to pass the Cyber Essentials Accreditation, Wick Hill had to complete a Cyber Essentials questionnaire, covering the five key elements of the Cyber Essentials programme. Wick Hill’s network also underwent an external vulnerability assessment, by Sec-1, to ensure the company had implemented sufficient and secure controls at the perimeter.

“The Cyber Essentials scheme is unique because it has been developed as collaboration between the UK government and the very best cyber security professionals in the UK,” said Ian Glover, President of CREST. “These professionals utilised their years of experience and invested their own time to extract the security standards that should be applied to all businesses, regardless of size. I commend Wick Hill on their strong commitment to security and on achieving this certification.”

Systems that fall within the scope of the Cyber Essential Scheme include internet connected end-user devices such as desktop PCs, laptops, tablets and smartphones, and internet connected systems including email, web and application servers.

The Cyber Essential scheme requires

· Boundary firewalls

· Internet Gateways

· Secure configuration

· User access control

· Malware protection

· Patch management

Wick Hill is an award-winning security distributor and the current holder of CRN’s ‘Security Distributor of the Year’ title. As experts in security, this certification reinforces Wick Hill’s ability to provide the solutions that will help protect companies in today’s increasingly difficult security environment.

1. About CREST – www.crest-approved.org

CREST is a not-for-profit organisation that represents the technical information security industry. As part of this, CREST provides internationally recognised certifications for organisations and individuals providing penetration testing, cyber incident response and security architecture services. CREST member companies must undergo a rigorous assessment and certification process that looks at methodologies, legal and regulatory standards, staff vetting and data handling. CREST qualified individuals have passed rigorous professional level examinations that demonstrate their knowledge, skill and competence. The company assessment and individual qualifications are underpinned by meaningful and enforceable code of conduct. All examinations and processes have been reviewed and approved by CESG, the Information Security arm of GCHQ

By setting these demanding standards, CREST gives organisations buying penetration testing or cyber security incident response services the confidence that the work will be delivered by trusted companies and qualified individuals with up-to-date knowledge, skills and competencies to the mitigate threats from the latest vulnerabilities and attack techniques. The CREST Cyber Security Incident Response Scheme (CSIR) is endorsed by GCHQ and CPNI. The scheme focuses on appropriate standards for incident response aligned to demand from all sectors of industry, the public sector and academia. The CREST Security Architecture examination is formally recognised under the UK CESG Certified Professional Scheme.

Working alongside the Bank of England (BoE), CREST has developed a framework to deliver controlled, bespoke, intelligence-led cyber security tests that replicate behaviours of those threat actors, assessed by Government and commercial intelligence providers as posing a genuine threat to systemically important financial institutions. CBEST is the first of initiative of its type to be led by any of the world’s central banks.

About Sec-1 Ltd - http://www.sec-1.com

Established in 2001 and accredited by CREST and CHECK, Sec-1 has an enviable track record in delivering complex security testing services and defensive solutions to clients across a wide spectrum of industries and sectors.

Experienced, highly skilled and client-focussed, Sec-1’s size allows for a flexible, agile approach to designing bespoke solutions for clients, centred around three core pillars; Security Testing Services, Training & Consultancy, Security Products & Associated Professional Services. Sec-1 provides the Cyber Essentials certification under the CREST scheme.