Cyber Essentials PLUS Standard
Stephen Austin is committed to maintaining high security standards in every aspect of product and service delivery, which is again demonstrated by successful 2017 accreditation to the Cyber Essentials PLUS standard. In 2012, HM Government launched the 10 Steps to Cyber Security guide to encourage organisations to consider their cyber security measures, and to ascertain whether organisations thought they were managing their cyber risks sufficiently. The guide was received well and further expanded by UK Government to a de-facto standard. The adoption of an organisational standard for cyber security was seen as the next step. Concluding in November 2013, the Cyber Essentials scheme defines a UK cyber security standard, which organisations can be certified against. The rationale behind this was that it would enable organisations and their customers and partners, to have greater confidence in their ability to measure and reduce cyber risks, as they would be independently assessed on a frequent basis to ensure adherence to the standard. Business leaders at Stephen Austin have taken ownership of their cyber risks and built them into their overall corporate risk management regime. At the same time, Stephen Austin has extended the scope from Cyber Essentials that incorporates assessment of the systems exposed to Internet to Cyber Essentials PLUS, where the assessment is also covering internal security assessment of end-user devices. Once again, this directly tests that individual controls have been implemented correctly and recreates various attack scenarios to ensure Stephen Austin's readiness to respond and protect itself and its clients from internal and external cyber threats.