Post by Shadowland Consulting LTD
66 followers
Over a month ago we attended for great workshop delivered by fantastic Gary Ennis [an excellent trainer, passionate, director at NSDesign Ltd] on behalf of Business Gateway - organization which heavily helping the micro, small and medium organizations in #Scotland to achieve more, expand and prosper. Location - The South Ayrshire Council [Comhairle Shiorrachd Àir a Deas] - was an amazing historical building with the great view over the sea. They had coffee, cookies, and amazing history inside the building. Unfortunately, the topic: #CyberEssential seems to being almost completely abandoned. For about eight registered organizations, only two representatives arrive (including our company). This makes us - the cybersecurity consulting and training company really sad. We expected fierce debate over permissions, passwords, granted access and regulatory compliance. Instead, we had 'just' mutual agreement, which is great but still not as good as knowledge and data exchange. For any organization, which have any business, contract, project with #PublicSector it is 'a must have' compliance. National Cyber Security Centre [part of GCHQ] not only recommending it, but as well support with massive library of knowledge, examples and ways of the implementation. Here in #Scotland you can find No1 resource at CyberScotland [https://lnkd.in/e8qFwAH9]. But what it really is? Cyber Essentials is the UK Government‑backed baseline cyber security certification. The latest versions (v3.2 “Willow” in 2025 and v3.3 “Danzell” from April 2026) significantly tighten requirements to reflect modern cloud, remote‑first, and SaaS‑heavy businesses. Executive takeaway Cyber Essentials is no longer a light-touch “tick‑box” exercise. It now forces real operational security, particularly around cloud services, MFA, patching speed, and remote working. Non‑compliance increasingly results in automatic failure, not remediation. Our plan for this year is to get accredited of course - first Cyber Essential, then next year, Cyber Essential Plus, and we already choose the way. We have been waiting for the end of April, when new version become a standard, as we strongly believe this is the right way: What has changed – additions for the previous version 1. Mandatory MFA – everywhere that matters 2. Cloud services can no longer be excluded 3. Faster patching – 14 days or fail 4. Remote & hybrid work fully in scope 5. Stricter marking and more transparency #SupportLocalBusiness #CyberSecurity #CyberScotland #ProtectYourself #ProtectYourClients