Barclays first major organisation to gain new data security accreditation

Barclays first major organisation to gain new data security accreditation

Part of the National Cyber Security strategy

Article comments

Barclays says it has become the first major organisation to gain the new Government Cyber Essentials certification for its digital banking services, including MyBarclays, BMB and Pingit.

The certification was awarded to Barclays following assessment of its security by certification-body Gotham Digital Science (GDS). GDS is accredited by CREST to carry out Cyber Essentials and Cyber Essentials Plus certification services.

“We identified this new government scheme as an important part of our plans to help customers in the digital age transact completely safely and securely,” said Philip Sowter, mobile banking director at Barclays. “We are now working with GDS towards the Cyber Essentials Plus certification.”

To demonstrate "basic cyber hygiene" and reach Cyber Essentials certification through GDS, Barclays Digital Banking had to complete the Cyber Essentials Questionnaire. An external perimeter vulnerability scan was also carried out, which is an additional requirement for Cyber Essentials certification that is mandated by CREST.

“For Barclays the process was straightforward because of the existing security processes it already had in place, along with ISO27001 certification of the digital banking business,” said Justin Clarke, managing director of GDS. “The certification reinforces the importance the bank places on protecting customer assets and data.”

The first batch of SMEs to be awarded the certification was confirmed last month. The Cyber Essentials Scheme is part of the UK government’s National Cyber Security Strategy, and provides an independent assessment of the essential security controls that organisations need to have in place to mitigate risks from internet-borne threats.

CREST is a not-for-profit organisation that represents the technical information security industry. As part of this, CREST provides internationally recognised certifications for organisations and individuals, providing penetration testing, cyber incident response and security architecture services.

Share:

Comments

Advertisement
Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open
* *