We’re delighted to announce we have achieved Cyber Essentials Plus certification, the highest level available. This not only puts in good stead to protect ourselves against a whole range of cyberattacks, it also enables us to help our clients do the same.
Cyber Essentials is a simple but effective, Government-backed scheme that helps companies protect their organisation, whatever its size, against the most common cyber threats and demonstrates their commitment to cyber security.
Cybercrime is a major issue in today’s interconnected society and attacks come in many shapes and sizes. According to research firm Gartner, there are currently four billion connected devices globally and many of them are not protected adequately. Research firm Trustwave found that 98% of all web applications tested were vulnerable with a medium number of 20 vulnerabilities per application.
The vast majority of cyber attacks are very basic in nature, carried out by relatively unskilled individuals. They’re the digital equivalent of a thief trying your front door to see if it’s unlocked. The Cyber Essentials certification is designed to help businesses prevent these attacks.
What it means for Ethical IT
Many larger businesses require proof that partners and suppliers, or anyone who holds their data, is protected. By achieving Cyber Essentials Plus certification, we can show we’re doing everything we can to protect us, our clients and their data.
Our clients want to know that we’re actively working to secure our IT against cyber-attacks and have cybersecurity measures in place. Indeed many Government contracts require Cyber Essentials Plus certification as a standard.
How our clients benefit
We’re using the same systems that our clients use and we have passed the test, so can help our clients be ready for testing. However, we do not perform the testing ourselves.
From our own experience, we have seen a large percentage of organisations experiencing some form of data breach in the last year and this number is still increasing. It’s so important for organisations to have policies, protocols and tools in place to help protect their data as well as have procedures in place about what to do if the breach occurs.
Having Cyber Essentials Plus accreditation will also enable organisations to bid for larger funding schemes or align with better partners etc.
Cyber Essentials and GDPR
The Cyber Essentials technical controls also offer a solid base on which to build GDPR-compliant systems. The Information Commissioner’s Office, whose job it is to uphold the GDPR in the UK, recommends Cyber Essentials as “a good starting point” for the cyber security of the IT that organisations rely on to hold and process personal data.