Cyber Baseline

IASME Cyber Baseline is an international cyber hygiene certification scheme that tackles the basic, but critical, cyber security protection measures for organisations outside the UK. The standard leads the way to offer global supply chains a standardised and respected certification to show that organisations have the critical cyber hygiene measures in place.

LANDR’s consultancy service assists your organisation to attain the Cyber Essentials certification with a choice of two service channels.

What Is The Cyber Baseline ?

IASME Cyber Baseline maps to a number of international cyber hygiene standards and best practices, to which there has formerly been no way of demonstrating compliance because they do not have assessments and certification associated with them.

Why Do I Need The Cyber Baseline ?

Being certified to the Cyber Baseline standard sets your organisation and employees mindset in the right direction.

Ensuring compliance to the standard demands implementation of basic security measures and processes that improve the security posture of your enterprise and safeguard you from the exploitation vectors used in over 98.5% of the cyber crimes reported to law enforcement.

LANDR works with organisations of all sizes seeing the value and benefits of Cyber Baseline. We consult at clients with global footprints and a workforce of over 60,000 – down to small businesses and sole traders with only a single member of staff.

How Do We Get Certified ?

Getting started is quick and simple with LANDR Security.

We offer two channels to help businesses get on track and gain the Cyber Baseline scheme.

What Areas Are Covered The Cyber Baseline Certification ?

The Cyber Baseline scheme addresses 8 core business areas, we discuss these in more detail below.

Organisation

The scheme examines if your company understands and keeps track of the third parties your organisation engages with. These could be IT product vendors, services or people. A security gap, or ‘vulnerability’ in the systems of one of your third-party suppliers, contractors or partners may undermine the security in your systems, no matter how good it is.

Secure Architecture

Computer systems are not often secure by default, so companys need to understand how their systems fit together and how they are configured. There are a number of technical controls that need to be applied to an organisations devices to help reduce the opportunities of cyber attacks.

Technical Intrusion

The assessment examines the depth of technical configurations to your devices that make up the layers of protection preventing unauthorised access (intrusion). These will include computer operating systems, your firewalls and malware protection.

Managing Access

Give users access to all the resources and data necessary for their roles, but no more. This applies to data stored on computer equipment as well as to physical locations.

Assets

It is vital for organisations to understanding what your key information assets are in order to be able to effectively safeguard them. Keeping a detailed asset register, including hardware, software, and cloud services, is industry best practice. This helps you assess potential vulnerabilities and recognise the potential impact of any security breaches.

Training People

People are your greatest allies in protecting your organisation’s information. Your direct colleagues and the people working as your suppliers are almost certainly going to play an important role in protecting your systems. They can also present a risk because they have privileged access to the organisation’s information.

Backup & Restore

Regularly tested backups and verifying the ability to restore the data is an effective method of protecting your business from the effects of accidental or malicious tampering, such as deleting data, hardware failure, or ransomware.

Resilience

Business continuity, incident management and disaster recovery.

No security measures can be fully effective all the time so you must be ready to keep the business going and recover from the effects of deliberate attack, accidental damage, and natural disasters.

LANDR offers two service channels for companies to pursue certification to the Cyber Baseline scheme:

Cyber Baseline Serviced

With Cyber Baseline Serviced, LANDR Security takes your business from Zero to Certified. Our consultancy team will work with you to understand your current security posture and how well prepared you are for the Cyber Baseline Assessment.

From here, we work alongside your teams to get all elements of your company in shape, meeting all the requirements to pass the Cyber Baseline Assessment for your organisations non-UK headquartered businesses.

Cyber Baseline Direct & Renewals

If your business is ready for the Cyber Baseline Assessment or if you are just looking to renew your existing certification, LANDR will take you through the assessment process directly and quickly.