Homepage hero image

Get Accredited with Chess

Cyber Essentials
Start Accreditation25 Cyber Must Knows
Showing You're Serious About Cyber

How can you demonstrate to your customers and your prospects that their financial, personal and company data is safe in your hands? With recent government figures revealing that breaches or attacks have been identified in almost a third of UK businesses in the last year, customer concerns about the security of their data has never been higher.

A UK Government Cyber Essentials accreditation provides reassurance that you are taking proactive steps to combat cybercrime. It gives you a clear indication of how well armed you are against cyber threat — and it’s increasingly a mandatory requirement when tendering for new contracts.


Chess — Your Cybersecurity Partner

Chess CyberSecurity are acknowledged experts in the assessment of threat and vulnerabilities in IT estates. Now, as a Certification Body for the Cyber Essentials scheme, we’re able to offer the same level of expertise to businesses of all sizes and sectors.  

CREST Accreditation

We’re certified by CREST, an approved accreditation body under the Cyber Essentials scheme, which demands stringent standards, including:appropriate levels of quality assurance processes, security controls, security assessment methodologies meeting CREST's additional qualification criteria signing of an enforceable Code of Conduct proven access to technical competent and qualified staff.

32%
Percentage of businesses identifying breach or attack in 2018
32%
Average increase in cost of a cyber attack year on year
19
A UK small business is successfully hacked every 19 seconds
Certification Explained

Cyber Essentials

Around 80% of the most common cyber attacks can be prevented through the implementation of straightforward, affordable measurements that form the Cyber Essentials Scheme. The self assessment process provides a framework for ensuring the five key technical controls are correctly in place. Chess will audit the assessment, provide an external vulnerability scan and can also, if required, provide additional consultancy to drive a successful outcome.

Cyber Essentials Plus

Businesses are required to achieve Cyber Essentials before moving on to Cyber Essentials Plus. Due to the enhanced controls that are required for CE+, additional consultancy can be arranged including a pre-audit gap analysis to enable you to assess and implement any measures identified as key to a successful accreditation process.

Cyber Essentials Plus verification in carried out both on-site and remotely by Chess CyberSecurity specialists. 

generalMagnetStripImage
Cyber Checklist
How Cyber Savvy Are You? Our 25 Cyber Must Knows.

Download this government checklist to reveal how ready you are to fight off a cybercrime attack.

Download Now
The Five Cyber Essentials Technical Controls


Secure Your Internet Connection

Creating a buffer between your IT network and other external networks, a firewall protects your internet connection, analysing incoming traffic to identify whether access should be allowed to your network.

Cyber Essential Certification Requirement

A firewall must be configured and used on all devices, particularly those connected to public or untrusted Wi-Fi networks.

Secure Configuration

Default configurations of new software and devices are set to be as easy as possible to connect and use, which creates vulnerabilities if left unchanged. Settings should be checked, disabling and removing unneccessary fucntions and services, while default passwords should be updated before deployment. 2FA (Two-factor authentication) should be used for the most data sensitive accounts.

Cyber Essential Certification Requirement

Only necessary software, accounts and applications are used.

User Access Control

In allowing access to those — and only those — accounts (software, settings, services and functions) that your people need in their specific job role, the risk of potential damage can be minimised.

Cyber Essential Certification Requirement

Access to your data must be controlled through user accounts, with controlled administration level privileges given only to your people who specifically need them.

Malware Protection

Malware — including ransomware and viruses — comes from a range of sources, including infected email attachments or USB memory sticks. Anti-malware measures are included within the most popular operating systems. Malware can be introduced to a network when a rogue application is downloaded, so white listing, giving users the ability to install and run only applications authorised by the administrator, offers good protection. Sandboxing, running an application in an environment with restricted access to the rest of your devices and network, helps keep your data beyond the reach of malware.

Cyber Essential Certification Requirement

At least one approach, anti-malware measures, whitelisting or sandboxing must be implemented.

Keep Your Devices and Software Up To Date

Operating systems and applications become vulnerable if they are not up kept to date. In order for patches, whether new features or fixes to security vulnerabilities, to be applied, your operating systems, programmes, phones and apps should be set to "automatically update" where possible. When no longer supported, systems and applications should be considered for replacement.

Cyber Essential Certification Requirement

Devices, software and apps must be kept up to date.

generalMagnetStripImage
Cyber Essentials Datasheet
Showing You're Serious About Cyber

Chess: Your Cybersecurity partner, certified by CREST

Download Datasheet

Resources

Cyber Essentials Knowledge

Hacker 2.jpg

Securing Remote Workers

Watch the recording of Security Remote Workers webinar. During the online session, our Chief Information Security Officer and a Sophos Product Specialist discuss the best practices to secure remote working in the current situation.
notifications.png

Calls to 101 are Free of Charge from 1 April 2020

To alleviate pressure on 999 services all calls to 101 will be Free of Charge from 1 April 2020 - This initiative is to enable callers to contact police for non-emergency calls.
Coronavirus Comms_Blog banner 4.png

Home Working - Can You Collaborate?

So hopefully by now, you've got your people working from home and are servicing your customers' needs, you've got access to your main systems and are coping well. It's clear that working at a distance from everyone creates some new challenges and this article is intended to run through some things to consider.
Coronavirus Comms_Blog banners_3.png

#3 Connectivity and Support at Home

Working from home is now an everyday reality for many of our customers and network issues can be a challenge 

As schools have now closed and other businesses have also sent people home, many home workers are struggling with ensuring they can run their real-time work apps such as Voice and Video conferencing without interference from other people, who are also working from home or using other online content

 
Hackers Tales NO TEXT.jpg

A Hackers Guide to Remote Working

Remote working for a hacker is brilliant, and not in the sense that they can work from home in a dark room wearing a hoodie. But because remote working means that a business is intentionally giving a path into the internal network that could potentially be accessed by anyone on the internet. This blog post covers some of the things that we have encountered across the team over the years.
Blog&Social Images2.jpg (1)

Chess Divert

Being able to manage business calls from anywhere, either on a temporary or permanent basis, is an essential aspect of business continuity.

Temporarily diverting your calls from your current premises to a new inbound number allows you to manage incoming calls and maintain workflow.
Coronavirus Comms_Blog banners_2.png

#2 Your Cyber Security

If you are allowing devices to connect from people’s houses – it's possible that these networks have already been compromised by hackers or will be in the future. Implementing two-factor authentication, where another device like a mobile phone is used for extra security is the most important security measure that can be applied to systems.
Coronavirus Comms_Blog banners_1.png

#1 Your Telephony

As the Covid-19 situation looks set to escalate, there's a lot to think about to keep your business running. Last week we shared the Top 10 areas we've focused on to ensure our own business continuity.

From today, we'll be going into these in more detail, setting out what we've learnt and offering specific guidance and support. Let's start with telephony.
Coronavirus Comms_Blog banners_10 Things.png

Coronavirus Service Update - Keep Your Business Running

The top 10 things to consider for your home-working plan.
Hackers Tales V2- (1).jpg

Injector 1.0

About six months ago, with the slow death rattles of the exquisite Empire C2 drawing near, not going to lie I'm still in mourning – that and python2, I was on the hunt for a new platform to sink my teeth into. While playing around with various frameworks on offer such as SilentTrinity, Faction, Merlin (all of which have their positives), I started looking at Cobbr's Covenant framework....
Coronavirus Comms_Blog banners_Generic Update.png

Coronavirus Service Message - Keeping Our Business Running

Many businesses are rightly concerned about the potential impact of the developing situation with coronavirus and how it may impact their business. 
Man on a call.jpg

SIP Trunking with Chess Partner

Chess Partner are pleased to offer a new SIP Trunking solution to our Partners that will allow you to offer the best Call Management solutions for your customers.

 
Trusted cloud security suppliers we're proud to work with.
SecurEnvoy.jpg
Sophos.jpg
forcepoint.jpg
radware.jpg
Assess_alto.jpg
Egress.jpg
Solutions that help keep your cloud secure.
NMN chess 29 sept 2016_6815.jpg
2FA
Enhance the security of your applications, devices and systems with Two-Factor authentication. 2FA enables users to confirm their identity by presenting evidence to an authentication mechanism.
Essential
_MG_3276.jpg
Cloud Apps
Most of your employees have adopted the cloud. Cloud-based apps like Office 365, Dropbox and Salesforce need protection to prevent account-centric threats, meet compliance requirements and protect critical data.
nmn_chess_dec17_00003.jpg
Cloud Infrastructure
Deliver enterprise-level hosting services with a 100% uptime guaranteed SLA to businesses of all sizes including public sector - our data centre is located in the UK.
Essential
For Public Sector
CyberWorkingComputer.jpg
Data Sharing
CESG certified on-demand security for organisations wishing to share confidential information electronically.
NMN chess 19 sep 2016_43.jpg
DDoS Protection
Denial-of-service attacks are on the rise since they've become a commodity on the Darknet and IoT allowing for easier botnet creation. DDoS mitigation solutions and attack prevention has never been more important.
nmn_chess_dec17_00007.jpg
VPN
Virtual Private Networks are now a necessity in today's modern workplace. Chess can help you find the right VPN technology to help your business grow and yet remain as secure as ever. Select from a full range of VPN technologies for secure site-to-site and remote access.