PetroStrat, a geological service provider to the oil and gas industry, has achieved certification to the fast-growing cyber security certification scheme, Cyber Essentials.
CREST-accredited certification body for the Cyber Essentials scheme
IT Governance delivered the assessments and awarded PetroStrat’s certificate.
Alan Calder, the founder and executive chairman of IT Governance says, “We are delighted to have assisted yet another forward-thinking business with their Cyber Essentials certification process, and I congratulate PetroStrat on their success.”
The Cyber Essentials scheme is a key deliverable of the UK’s National Cyber Security Programme. The scheme promotes cyber hygiene and requires the implementation of five key controls: secure configuration, boundary firewalls and Internet gateways, access control and administrative privilege management, patch management, and malware protection.
By deploying these controls, organisations can defend against the most common form of basic cyber attacks originating from the Internet.
IT manager at PetroStrat Kevin Field says, “PetroStrat Ltd has undergone a massive overhaul in its network security processes and procedures over the last eighteen months, including an entire network rebuild and strengthening, in order to secure against threats to our data and intellectual property.
“After discovering the Cyber Essentials scheme it was clear that it would be an excellent target to aim for and would act as a significant milestone in our constant improvement strategy. Achieving the Cyber Essentials certification will allow us to display to all of our clients that we take IT security extremely seriously and have been measured against a national rigid standard.
“We hope that from this success we will move on to secure Cyber Essentials Plus in the next 12 months and then hopefully on to a full ISO certification in the near future, further reinforcing our security.”
There are two levels of certification: Cyber Essentials and Cyber Essentials Plus. Certification to
Cyber Essentials involves the completion of a self-assessment questionnaire (SAQ) and an external vulnerability scan. Certification to
Cyber Essentials Plus includes an additional internal vulnerability scan and on-site assessment.
As a CREST-accredited certification body, IT Governance provides cost-effective solutions for companies wishing to achieve certification to the scheme.
More information about the Cyber Essentials scheme can be found on the IT Governance
website.