Cyber Essentials focusses on five key controls as follows
These are devices designed to prevent unauthorised access to or from private networks, but good setup of these devices either in hardware or software form is important for them to be fully effective.
Ensuring that systems are configured in the most secure way for the needs of the organisation
Ensuring only those who should have access to systems have access and at the appropriate level
All network connected systems where possible need to provide a last line of defence, should malware make it to the desktop, or any other device connected in the network. A great many recent attacks have come from emails or USB sticks etc and are inadvertently injected into a system by a user. Anti-malware systems provide this layer of defence, ensuring that the activities of users on their desktops and laptops are monitored and where malware is detecetd, this is intercepted.
Ensuring the latest supported version of applications is used and all the necessary patches supplied by the vendor been applied. As older operating systems are phased out, their vendors stop providing security updates and they become increasing susceptible to attack as time passes.