elfGROUP CyberSafe is a hands-on cybersecurity certification for businesses, organizations and individual information systems. It is based on well-known and standardized reference frameworks and criteria such as ISO 27001, NIST, KATAKRI, VAHTI guidelines, OWASP and numerous other best practices. We wanted to bring an alternative to companies of all sizes who may not want, need or be able to get the heavy ISO 27001 certification.
CyberSafe covers the most important areas of administrative and technical information security with an emphasis on practical cyber security, often eliminating unnecessary bureaucracy for SMEs and reducing the requirements for documentation and management models.
With CyberSafe Certification, the company wants to reliably demonstrate to its client that their information system (e.g. online store, patient information system, inter-system integration) has been objectively assessed and adequately secured against cyber threats.
All companies claim their own systems to be very safe but only a reliable third party test and outcome statement is a credible argument.
The certificate can be used for corporate customer communications and marketing materials. You should also affix the certificate to the website of the company or service and always link it to the elfGROUP customer-specific certificate page to ensure validity and authenticity.
CyberSafe Certification is an excellent way to convince customers and partners of a good cyber security level of business.
ECC/C can be awarded to a company that has successfully completed a comprehensive, but pragmatic, cyber safety mapping and testing process. The assessment process covers elfSWEEP as an assessment of the company’s IT environment and its management model.
ECC/S is intended to be granted for a particular system or service, such as an online store or corporate web site, after an adequately passed security testing. The ECC/S assessment is the result of elfATTACK hacking testing (level 1) and, if desired, elfSWEEP system evaluation (level 2)
After completing a cyber security assessment, elfGROUP may grant a CyberSafe certificate to a client company or a system under audit (eg web site / service / transaction) as a certificate of adequate and properly implemented, systematically controlled and maintained protection against cyber threats.
The best practices and recommendations for the different criteria such as ISO 27001, NIST, KATAKRI, VAHTI Guidelines, OWASP, ISACA / COBIT and ITIL have been selected as the basis for the certification criteria.
Certification is valid for one year at a time. In connection with the certificate renewal, the maintenance of cyber security security mechanisms and updates will be re-evaluated. elfGROUP’s cyber safety specialists are also available to a certified company during the certification year. Extending and renewing a certificate in such a short time is necessary to maintain a credible level of protection in a constantly evolving threat field. However, re-testing and updating of certifications are more straightforward than the original evaluation process.
elfGROUP’s cyber security specialists have extensive expertise in the development of information systems, integration and the protection of corporate IT environments. In addition, they have solid experience in mapping, risk assessment and perimeter firewall design adapted to meet the needs of different sized companies. In addition to the solution-oriented service attitude, our experts have decades of practical experience in different industries and technology environments.
The security assessment performed by elfGROUP improved our solution’s cybersecurity and the trustworthiness of our cloud platform which is critical for us and our customers.
Chairman of the Board, Aiven Ltd.
In our blog series, we write about cybersecurity domain in general, our service and product offerings as well as show case some of our customer cases. The blog posts are categorized by service types.Read CyberSafe Certification related articles
Kari Halavaara, t. +358 50 553 4796
Pekka Käyhkö, t. +358 400 933 303