Preparing for the UK Government’s Cyber Essentials Certification

The UK government’s Cyber Essentials certification aims to get the UK up to speed with consistent cybersecurity controls, establishing a higher level of cybersecurity and resilience across the UK. 

Operated by the United Kingdom National Cyber Security Centre (NCSC) In April 2023, the Cyber Essentials framework was updated to reflect modern cybersecurity challenges, including principles like zero trust, securing “bring your own device” (BYOD), and providing secure access to cloud services. Cyber Essentials provides a modern, practical framework for organisations of all sizes to mitigate cyber attacks and reassure potential customers and suppliers that essential controls are in place. Now a mandatory requirement for any organisation supplying services to the UK public sector, over 130,000 certificates have been awarded since its inception in 2014.

Why choose Netskope for Cyber Essentials?

Netskope’s unified secure access service edge (SASE) platform, Netskope One, provides support for the five core technical controls defined by the UK National Cyber Security Centre (NCSC) that are essential for achieving Cyber Essentials certification. 

The Netskope guide to Cyber Essentials certification is available here, but let me walk through the headlines of how these recommendations map onto Netskope’s approach and technology with a brief summary:

Firewall controls

With the rise of adversaries targeting popular SaaS applications, protecting every device and application–whether managed or unmanaged–has become critical. Netskope’s dual-engine approach, combining a cloud firewall with a Next Generation Secure Web Gateway (NG-SWG), delivers comprehensive protection exactly where it’s needed. This approach effectively handles both web and non-web traffic by applying security policies directly to egress traffic, without the need for backhauling through on-premises infrastructure. As a result, users enjoy a faster experience, while the organisation benefits from robust, real-time threat detection and support for hybrid applications like Microsoft Teams and Zoom, which use different ports and protocols. This ensures that every user is protected by a properly configured firewall, significantly reducing the risk of cyber threats.

Secure configuration

By keeping those systems securely configured, you lower the risk of cyber attackers breaking in and causing harm. This involves removing unnecessary software or user accounts, changing default passwords to strong, unique ones, and ensuring only the essential programs and services are running.

Netskope’s Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) handle this by continuously monitoring your cloud services to prevent, detect, and fix misconfigurations. They manage access controls, remove unused software, and ensure user accounts are secure. And both CSPM and SSPM work with Netskope’s Cloud Ticket Orchestrator (CTO) for easy, automated remediation of security vulnerabilities.

Netskope’s Device Intelligence, CASB, and NG-SWG combine to give you full visibility into your estate, helping identify and remove unused or risky software and apps. These tools classify managed and unmanaged devices, score app risks, and group devices into network segments to isolate high-risk devices. Going further to apply granular access and activity controls in accordance with zero trust principles.

Security update management

If software isn’t updated regularly, it can leave your systems vulnerable to attacks. The main goal here is to ensure that updates are installed as quickly as possible – usually within 14 days of release–and that any unsupported software is removed. Netskope’s SASE platform makes this process easier by identifying and classifying all apps and services in your organisation, helping manage software licenses, and ensure automatic updates are enabled–key requirements for staying secure.

A major part of managing SaaS apps and ensuring they are supported involves assessing their risk to your organisation, a task that can often be time-consuming. Netskope’s Cloud Confidence Index (CCI) automates this process by giving each app a risk score from 0 to 100, based on over 48 criteria, such as security, auditability, and business continuity. This helps you easily track improvements or declines in an app’s readiness for business use. Netskope Advanced Analytics takes this further by offering custom dashboards to monitor in-scope apps and services, supporting ongoing management of your environment. By keeping everything up to date, you minimize the risk of cyber threats and keep your systems safe.

User access control

Controlling access to your data and systems is essential for protecting your organisation. With more sophisticated attacks targeting user identities, Netskope is ready with role-based access control (RBAC), adaptive access control based on zero trust principles, and seamless integrations with cloud identity providers.

A key benefit of using user confidence scores is the ability to adapt security measures based on detailed insights into user behavior. If a user starts acting outside their normal patterns—like accessing sensitive data at unusual times or from unexpected locations—Netskope’s policies automatically adjust to mitigate the risk.

By leveraging more than 100 user and entity behavior analytics (UEBA) policies, organisations can generate unique user confidence scores, integrating them into Netskope’s real-time protection policies. This dynamic approach lets Netskope assess the risk of each user’s actions and apply the appropriate access controls, tailored to your organisation’s specific risk tolerance.

Malware protection

Protecting your organisation from malware is a key part of the Cyber Essentials framework. With more employees working remotely–many choosing their own SaaS apps and cloud services–60% of all network traffic now comes from cloud services, such as web, SaaS, and IaaS. What’s more concerning is that 95% of this traffic is encrypted, making it a prime hiding spot for threats like malware and ransomware, which account for half of the enterprise threats. Unfortunately, many organisations fail to stop these threats, turning trusted apps into significant risks.

Netskope’s SSL decryption and advanced in-line threat protection, including machine learning, sandboxing, and remote browser isolation, block hidden threats in encrypted traffic before they can cause harm. This inline protection not only stops threats but also ensures users get secure, high-performance access to the apps and services they need. By integrating with cloud threat intelligence and other security tools, Netskope delivers a multi-layered defense against both known and emerging threats.

Getting UK business ready for Cyber Essentials

This is a call to action for businesses across the UK to adopt and maintain a robust security posture in an increasingly complex threat landscape. Whether you’re pursuing Cyber Essentials or Cyber Essentials Plus, Netskope provides the tools and expertise needed to achieve and sustain certification, giving you peace of mind and strengthening trust with your stakeholders and suppliers. To learn how the Netskope One SASE platform meets the full requirements of the Cyber Essentials certification, download the Netskope guide to Cyber Essentials certification is available here today.