Cheetah Transformation Secures Cyber Essentials Certificate

A cyber-attack can have dire repercussions for an organisation, which is why Cheetah Transformation is taking precautions to future proof its systems against hackers. We are thrilled to announce that we have achieved Cyber Essentials certification, awarded by the UK government’s National Cyber Security Centre.

With cyber-attacks becoming ever more sophisticated, we recognise the need to prioritise cyber security and to be working at the highest standards to protect client information, as well as our own business information.

Embracing cyber risk is good governance 

At CyberUK 2023, the UK’s flagship cyber security event run by the UK National Cyber Security Centre (NCSC), Lindy Cameron CB OBE, CEO of the NCSC, and Jen Easterly, Director of CISA, the USA Cyber Defense Agency, called out ‘the responsibilities of boards and CEOs to embrace cyber risk as a matter of good governance’.1

The UK government’s Cyber Security Breaches Survey 20222 found that in the preceding 12 months, 39% of UK businesses had found a cyber-attack, but only 54% of those had acted to identify cyber security risks despite four out of five boards categorising it as a ‘very high’ or ‘fairly high’ priority.  

Cyber Essentials Certified Badge

At Cheetah Transformation, cyber security is a high priority, and we feature among the 54% of businesses that have taken precautions. We are proud to have been granted Cyber Essentials certification for our work to actively protect our systems.

“We recognise the critical importance of cyber security in today’s digital landscape, and this important milestone marks a significant step forward in our commitment to maintaining the highest standards of cyber security and protecting both our clients’ sensitive information and our own operations. 

“As a Smartsheet Platinum Partner, we handle a vast amount of confidential and proprietary information, making it our utmost priority to provide our clients with a secure and trustworthy working environment. Achieving this Cyber Essentials certification not only validates our existing security measures but also reflects our ongoing commitment to proactive cyber security practices.” 

Gary Thornton, Cheetah Transformation Operations Director

About Cyber Essentials

Cyber Essentials’ central tenet is to continuously improve and prove control over various areas of security. The approving body is the UK government’s National Cyber Security Centre, so it’s no easy ride.

Cyber Essentials certification requirements are grouped across five technical controls ⮕

Discover more about the technical controls below.

  • ...

    Firewalls

  • ...

    Secure configuration

  • ...

    User access controls

  • ...

    Malware protection

  • ...

    Security update management

Firewalls
Every device must be protected by a correctly configured firewall. All firewalls must be maintained and strengthened by regular and routine changes, updates, active approvals and documentation.

Secure configuration
Active management of all devices to ensure that proper configuration provides only the services required hence reduced vulnerabilities due to unattended, unmaintained and weak default configurations. High levels of technical controls to manage access credentials, i.e., make it harder for criminals to gain access.

User access controls
Clear processes to create and approve user accounts, with authentication of users and disablement/removal of users paramount, so that access to data is managed and authorised. Access to privileged accounts is subject to higher controls, scrutiny and separation. Password rulings means the dog’s birthday is out and longer, non-personal passwords with multi-factor authentication are in.

Malware protection
Avoidance of malware through detection and disablement before it causes harm. Using allowed listings to limit use to known and trusted software. Testing/sandboxing untrusted software in a secured, segregated environment.

Security update management
All software updates are implemented so that latest fixes and patches are employed within 14 days of release, therefore reducing vulnerabilities of known software flaws. All software used is licensed and supported; any that becomes unsupported is removed from use. This ensures that it continues to benefit from continuous security improvements developed by the provider.

Taking the next steps in future-proofing our cyber security

Cyber security is a journey, never a destination. With this in mind, we are about to embark on the next steps.

As well as continuing to maintain our Cyber Essentials Certification, we are now on the road to the ISO27001 accreditation. This is a significant undertaking, but one that our principles and priorities direct us to take.

Our immense gratitude and admiration go to Cheetah Transformation’s Tim Saunders, Senior Solution Architect, and Gary Thornton, Operations Director, for the work they have put into this achievement.

If you have any questions about Cheetah Transformation’s Cyber Essentials or ISO27001 journey, please contact us. 

3 team members working on smartsheet on a laptop

References

  1. https://www.youtube.com/watch?v=AmMKCBOYSkA
  2. https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2022/cyber-security-breaches-survey-2022