Skip to main content

Strengthening Business Trust through Cyber Essentials Certification

Trust between organizations makes business possible. You need to be confident that the organizations you interact with will fulfil their expectations and securely handle the data you share with them. But how can you be sure that your partners, suppliers, or clients will protect your data?

According to the 2022 UK Cyber Security Breaches Survey, 39% of UK organizations identified a cyber attack in the last 12 months, with 83% of those being phishing attacks and 21% more sophisticated attacks like malware, ransomware, or denial-of-service attacks.

So, how do you mitigate your risk of attack?

Cyber Essentials – Protection Against Cyber Attacks

The answer is Cyber Essentials, an effective National Cyber Security Centre-backed scheme that helps organizations protect themselves, regardless of size, from the most common cyber attacks. Organizations that achieve certification are entitled to use the Cyber Essentials logo and are included in a public register of certified organizations, making it easy to verify potential partners.

The Cyber Essentials scheme covers five key technical areas:

  • Firewalls
  • Secure configuration
  • User access control
  • Malware protection
  • Security update management

Why Bother?

We’ve seen several reasons why organizations become Cyber Essentials certified, including:

  • Required for a commercial or government contract: An increasing number of organizations, especially government entities, require their suppliers to be Cyber Essentials certified.
  • Required by insurers: Many insurance companies are now more cautious about providing coverage due to perceived cyber threats and require their clients to be Cyber Essentials certified. Some even offer lower premiums for organizations with certification.
  • Meeting data protection requirements: Although Cyber Essentials is not specifically required under the UK GDPR, organizations must demonstrate “appropriate technical and organizational measures.” Cyber Essentials certification is a good way to show care with personal data.
  • General security improvement: The journey to Cyber Essentials provides excellent guidance on improving security.

Whatever their reasons, over 30,000 UK organizations are now Cyber Essentials certified.

Mitigate Your Risk of Attack through Cyber Essentials

Cyber attacks happen all the time. In fact, there are about 65,000 cyber attacks on UK SMEs daily! You can't stop these attacks, but you can defeat, avoid, or mitigate their impact on your organization.

Adopting the 10-point set of technical controls in Cyber Essentials can mitigate your risk of suffering an attack by 70%.

Helping CMDi Achieve Cyber Essentials Certification

CMDi, a strategic consultancy that sharpens marketing and brand strategy to improve business performance, is a long-term IT managed services client of ours. The company holds a lot of confidential client data collected through its assignments. Caroline Phillips, Commercial Director, wanted the confidence that her clients' data was well-protected from cyber attacks. So she approached us to guide her through the Cyber Essentials requirements.

Caroline commented on her experience: “PAAC IT took me through the Cyber Essentials certification process. We worked through all facets of developing a set of IT policies, ensuring our technology was compliant, and completing the questionnaire. Their guidance was extremely helpful in getting this done.”

We’ve Teamed Up with Fortis DPC

The Cyber Essentials scheme requires organizations to work with a "Certification Body" to process applications. So, we have teamed up with Fortis DPC, a Gold Certified Partner, to offer a comprehensive service.

We will continue to provide customers with IT support, IT security policies, and help with the Cyber Essentials questionnaire, while Fortis DPC will thoroughly review the answered questions and submit them for certification.

Howard Freeman, Managing Director of Fortis DPC, noted, “Our partnership is great for organizations looking to beef up their security and get Cyber Essentials certified. Between us, we provide a comprehensive approach for small and medium organizations.”

Tags:

Richard Paterson
Post by Richard Paterson
May 10, 2024 3:50:21 PM

Comments