Marie Stopes UK Awarded Cybersecurity Certification
The UK branch of international contraception and safe abortion services provider Marie Stopes has earned a government-backed cyber-safety certification.
The 43-year-old organization, which is active in 37 countries around the world, is now the bearer of the Cyber Essentials Plus Certification.
Cyber Essentials is a key part of the UK’s National Cyber Security Programme, which was designed to help organizations guard against the most common cyber-threats and ensure sensitive data is kept secure and handled correctly.
The Cyber Essentials scheme addresses the most common internet-based threats to cybersecurity but places particular focus on "attacks that use widely available tools and demand little skill." Attacks that fall under this category include phishing attacks, hacking devices connected to the internet, and manual or automated attempts to guess passwords.
The National Cyber Security Centre (NCSC) offers two levels of certification to organizations. The first is a Cyber Essentials self-assessment option, and the other is Cyber Essentials Plus, which provides a more rigorous verification by an independent Certification Body.
The latter tests a set of five key security controls through simulated hacking and phishing attacks, including boundary firewalls and gateways, secure configuration, access control, malware protection, and patch management.
To earn a certificate, organizations must take steps to ensure the cybersecurity of devices and software that accept incoming network connections from non-trusted internet-connected hosts, establish user-initiated outbound contact with arbitrate devices via the internet, and control the flow of data between any devices and the internet.
Stephanie Canavan, Marie Stopes UK’s head of information governance and IT systems, said: "We serve tens of thousands of women and men each year, and this badge demonstrates our commitment to keeping both them and our team members safe from online threats.
"Good cybersecurity is an absolute necessity, and this certification reflects our determination to ensure we are as resilient as possible to attack and that the sensitive data we are entrusted with is in safe hands."
A database containing details of all organizations holding a Cyber Essentials Certificate issued in the last 12 months can be accessed and searched by members of the public via the website cyberessentials.ncsc.gov.uk.
Source: Information Security Magazine