If you are a UK based business in 2020, then chances are that the majority of your work is done digitally. Regardless of business size, the digital revolution cannot be ignored and with 99% of the 5.7 million businesses in the UK classed as a SME, it is no surprise that they form the backbone of the economy. However, research commissioned by Brother UK shows that it is these business who are falling behind their larger counterparts when it comes to investing in Digital Innovation.
In many cases these smaller businesses offer services comparable to their big-budget competitors which in turn leaves them open to the same threats, particularly if they are using Cloud Solutions to store their customer data. With cyber-crime making more headlines by the month, even small and medium businesses need to ensure they are safe and that their customers can be confident that their data is in capable and protected hands.
Why might you need a Cyber Essentials certification?
Protection – When implemented, the 5-controls at the heart of the scheme (firewalls, phishing, anti-malware, secure configuration, and control user access) will protect your business from 80% of all common cyber threats.
Reputation – For smaller organisations, a Cyber Essentials certification is a potentially powerful sales and marketing tool, which reveals they are serious about protecting their data and the security of their customers. A certification will significantly bolster the credibility and reputation of your business as it shows that you have taken serious preventative action against any potential cyber threats.
Respect – There is an unmistakable level of respect that comes with a Cyber Essentials certification that will open up a wealth of new business opportunities and prove to potential partners and new clients that your working environment is digitally safe and secure. It’s also impossible to make a bid for government contracts without one.
Insurance – Companies that have been certified by the Cyber Essentials scheme are looked on more favourably by cyber insurance companies and might even be eligible for free cyber insurance cover, which could save them a small fortune.
Self-reflection – As the scheme requires a business to self-assess their security against an assessor’s questionnaire, it’s the perfect chance from some internal auditing.
What is Cyber Essentials and Cyber Essentials Plus:
If this sounds like your business and it answers some of the questions you may have been asking in recent months, then perhaps you would be interested in exploring a certification that allows you to adopt best practices against cyber-attacks. Cyber Essentials is a government backed scheme launched by The Department for Business Innovation and Skills in 2004 and developed as a part of the National Cyber Security Strategy.
When implemented, Cyber Essentials can offer 5-controls that are at the heart of the scheme:
Secure Configuration – Applying security controls to ensure that the devices and software which makeup the IT infrastructure provide maximum protection.
Boundary Firewall and Internet Gateways – Confirming that every assessed area assessed is secured by a correctly configured firewall or equivalent network device.
User Access Control – Ensuring user accounts are monitored regularly and provide access only to the level appropriate to that individual.
Patch Management – Ensuring software and operating systems are regularly checked and updated with the latest patches.
Malware Protection – Ensuring against a broad range of cyber security threats, including computer viruses, worms, spyware, botnet software and ransomware.
Cyber Essentials Plus will give an even more robust examination to ensure that your business is secure and that the cyber solutions you have in place comply with the requirements of the cyber assessment, not only for office-based IT, but also for remote and mobile devices.
How do you get started?
If it has been a while since you last put your IT security under the microscope then perhaps this certification is for you. It’s also very easy to get started with a self-assessment questionnaire that is then reviewed by an accredited certification body, for us, we would use our trusted partner URM.
If everything checks out then you can be ready to go within a matter of days and with the cost of the certification coming in at just over £300, it makes it remarkably affordable too.
However, if you are concerned that your cybersecurity practices might not be quite up to scratch then you can also purchase as assisted self-assessment for just under £1,000, which offers a face-to-face video call that will directly highlight any gaps in your security that need to be addressed.
A True Business Essential:
According to the Cyber Security Breaches Survey published in July 2019, 32% of businesses experiences a cyber-attack in 2019, with the figure increasing to 37% for 2020. This was not just major businesses, in fact, rogue individual hackers are far more likely to go after a smaller business as it is a far less risky task.
With 1 in 5 businesses unaware of the benefits of a Cyber Essentials accreditation and 10% of IT Managers surveyed by the OGL Group, were not even sure whether or not their company actually was accredited.
However, 84% of companies who are certified claimed that it has actively helped them to win new contracts, due to its value as a measure of reassurance.
So, if you’re on the fence about applying for accreditation yourself, now more than ever, with the world turning increasingly in a digital direction, there has perhaps never been a better time to explore Cyber Essentials and how you can get certified today.
To find out more about Cyber Essentials, Cyber Essentials Plus, ISO27001 or GDPR certification, training or consultancy please get in touch today to book in for a free of charge consultation with us and our partners at URM
Call: 01223 901900 or Email: firstname.lastname@example.org