mikael/www.sr2.uk
1
0
Fork 0
forked from sr2/www.sr2.uk
Code Pull requests Activity
www.sr2.uk/content/posts/2026-cyber-essentials/index.md
irl 6311878da0 add cyber essentials
2026-05-03 10:38:07 +01:00

2.7 KiB
Raw Blame History

+++ title = 'SR2 Communications Achieves Cyber Essentials Certification' date = 2026-05-03T09:20:00-00:00 lastmod = 2026-05-03T09:20:00-00:00 draft = false tags = ['security', 'audit'] [params] author = 'Iain Learmonth' +++

We're pleased to announce that SR2 Communications has achieved Cyber Essentials certification, the UK government's baseline standard for cyber security. This milestone represents an important addition to our existing security practices and reinforces our dedication to protecting the organisations we serve.

Certificate of Assurance - SR2 Group Limited, incorporating SR2 Communications Limited and SR2 Professional Services Limited, complies with the requirements of the Cyber Essentials scheme
Our Cyber Essentials Certificate

Cyber Essentials is a government-backed certification scheme developed by the National Cyber Security Centre (NCSC). It establishes five core technical controls designed to prevent the most common cyber security threats. According to NCSC, organisations with this certification are protected against approximately 80% of the most common cyber attacks that they have observed.

We've always had a strong focus on security (it's the S in SR2!) and have always maintained rigorous security practices in our software development and infastructure hosting including external audits of application code and periodic penetration testing of our infrastructure. These practices remain in place and will continue to provide project-specific assurance. However, Cyber Essentials addresses something equally critical: the foundational security of our organisation.

While code audits and pentests examine specific systems and software, Cyber Essentials evaluates how we operate as an organisation, covering five primary areas:

  • Boundary firewalls and internet gateways
  • Secure configuration
  • User access control
  • Malware protection
  • Patch management

This certification ensures that the foundation upon which our technical work rests is equally secure. The organisations we work with include free software projects, charities, non-profits, advocacy groups, and the media. They often handle sensitive data related to vulnerable populations, campaign strategies, and confidential stakeholder information. They need partners they can trust.

For those partners operating with limited resources, knowing that their technology partners meet recognised security standards removes one more concern from their already demanding work.

If your organisation is looking for a technology partner that understands your mission and takes security seriously, we'd welcome you to get in touch.