Thrive, a global technology outsourcing provider for cybersecurity, Cloud, and IT managed services, today announced that is has become a Cyber Essentials (CE) and Cyber Essentials Plus (CE+) certification body. The company can now audit for accreditation and compliance with the Information Assurance for Small and Medium Enterprises (IASME) Cyber Essentials control framework.
According to a government report issued earlier this year, half of businesses (50%) and around a third of charities (32%) in the UK report having experienced some form of cyber security breach or attack in the last 12 months. To mitigate these threats and ensure organisations have the proper safeguards in place, the IASME requires most public sector institutions that touch government, healthcare, and social housing, as well as many small and medium businesses (SMBs), to be CE or CE+ compliant in order to be eligible to bid for contracts. CE is a government-backed, industry-supported self-assessment that organisations can utilise to protect themselves against common cyber threats and gain certified compliance with best practices. Aligning with this standard helps organisations position themselves to maintain the confidentiality, integrity, and availability of their information systems and data assets.
As a certification body, Thrive can now work with UK organisations to help them achieve compliance with the CE or CE+ framework. The normal CE certification requires a self-certified questionnaire, submitted online to the IASME. Upon successful completion, Thrive will issue the CE certification. Thrive also provides Readiness Assessments for SMBs seeking CE+ accreditation. This includes a gap analysis report and roadmap to address both CE and CE+ certification requirements, enabling an organisation to also pursue the CE+ certification once the CE Questionnaire is completed. The Readiness Assessment will focus on the CE Questionnaire along with technical controls for firewalls, secure configuration, security update management, user access control, and malware protection. As part of the CE+ certification, a Thrive certified CE+ Assessor will carry out the required audit on the systems that are in-scope for CE, including a representative set of user devices, all internet gateways, and all servers with services accessible to unauthenticated internet users.
“From phishing to malware, we’re seeing an increase in threats of every kind, and too often the organisations that are most susceptible to these threats are small and medium businesses or those working in the public sphere,” said Michael Gray, Chief Technology Officer at Thrive. “Becoming CE certified allows organisations to take essential steps in understanding and improving their cybersecurity posture. Thrive is proud to be a partner in helping businesses on their accreditation journey and providing them with the guidance needed to not only better protect themselves but set them up for long-term success.”
In addition to CE and CE+ certifications, Thrive offers and array of services and offerings to help organisations of all sizes better protect themselves. From managed detection and response to autonomous penetration testing and cloud services, UK enterprises can trust that Thrive has the team, solutions, and experience to bolster digital transformation and cybersecurity efforts, regardless of sector or size.
To learn more about Thrive’s offerings, visit the website.
 and Cyber Essentials Plus (CE+) certification body. The company can now audit for accreditation and compliance with the Information Assurance for Small and Medium Enterprises (IASME) Cyber Essentials control framework.){kind=link}