What is Cyber Essentials?
Cyber Essentials is a government backed scheme. The scheme aims to help you protect your business from the risk of some of the most common forms of cyber-attack.
The National Cyber Security Centre (NCSC) state that most cyber-attacks are actually relatively unsophisticated and carried out by relatively unskilled individuals. The Cyber Essentials programme looks to provide businesses with the knowledge to prevent these more basic forms of cyber-attack.
There are two levels of certification that businesses can obtain
Cyber Essentials
- Self-assessment option
- Shows businesses how to address the basics when it comes to cyber technical controls
- The advice should help you prevent the most common types of cyber-attack
Cyber Essentials Plus
- Complete the Cyber Essentials assessment
- In addition, a hands on technical verification is carried out by a qualified assessor
How to get Cyber Essentials Certified
IASME Consortium are the Cyber Essentials Partner and can help you to become certified.
You’ll need to meet all the requirements of the 5 technical control themes set out by the Cyber Essentials programme before you can become certified
These include controls around:
- Firewalls
- Secure configuration
- User access control
- Malware protection
- Security update management
Cyber Essentials certificates have a 12-month expiry date.
What are the benefits of becoming Cyber Essentials Certified?
The first immediately clear benefit of the Cyber Essentials programme is arming your business with the knowledge and ability to safeguard yourself against some of the most common forms of cyber-attack. Those attacks whereby cyber criminals are simply taking a chance that you won’t have the most basic cyber security protocols in place. And remember, if you fall victim to one of these simple attacks it may mark you out as a target for further attacks as it becomes evident you have few cyber defences in place.
The NCSC also highlight the following benefits of the Cyber Essentials programme
- Reassurance to customers that you take IT security and cyber security seriously
- Help you to attract new business as you can demonstrate that you have cyber security measures in place
- Provide you with clear knowledge of your business’s cyber security status
- If you are looking to gain work for the government, some government contracts now require you to have Cyber Essentials certification in place
The importance of taking cyber security seriously in your business
Cyber-crime is sadly on the rise and a risk which isn’t going to go away. Any business with an online presence or one which relies on IT systems or data is potentially at risk of cyber-crime and therefore needs to take the risk seriously and take steps to integrate cyber security measures.
Cyber-attacks are not just a risk to big businesses – yes you may hear about these large-scale cyber-attacks on the news, but day to day, SMEs are just as vulnerable to suffering a cyber breach. Data from insurer Hiscox suggests the median cost of a cyber-attack is £10,000. This is a significant amount of money. And the actual cost to your business of suffering an attack could be higher than this. You really can’t afford to ignore the risk cyber-crime could pose to your business.
We recently looked at why cyber security is so important for SME’s and the cyber security responsibilities you have as an SME business owner. Completing Cyber Essentials could be another way to arm your business with the knowledge and capability to protect your business from this ongoing risk.
If you have any questions about cyber insurance or SME cyber security risk management then do get in touch with use today. Our team of experts will be ready to help. You can call us on 0208 290 9080 or email us at cyber@anthonyjones.com.
