The Office for National Statistics (ONS) will publish new crime statistics tomorrow which will include online offences for the first time, confirming what we’ve long suspected: cyber crime is the most prevalent and prolific threat to UK citizens today.
The ONS’s most recent Crime Survey for England and Wales (CSEW), showed “an estimated 6.8 million incidents of crime” for the year ending March 2015. According to the Daily Telegraph, “one respected industry estimate” says that these figures could triple this week “with the addition of 12.5 million online offences a year.”
A police source told the Telegraph: “Many in the police have said for a long time that traditional crime like burglary have been in steep decline because criminals are going online. Finally, the official figures will be recognising that changing pattern.”
Society is only as secure as its weakest link – and that weakest link is typically a private individual or an SME that doesn’t take adequate precautions. Owing to the inherent interconnectedness of the World Wide Web, everyone is at risk because of the actions – or inaction – of others.
The Cyber Essentials scheme
According to Ponemon Institute’s 2015 Cost of Cyber Crime Study: United Kingdom – released last week – cyber crime costs organisations in the UK a mean of £4.1 million a year – an increase of 14% on last year’s figures. When around 80% of cyber crimes can be prevented by implementing basic security controls it’s astonishing that every organisation hasn’t taken action to protect themselves.
The government’s Cyber Essentials scheme provides a set of five controls that organisations can implement to establish a baseline of cyber security, and against which they can achieve certification to prove their credentials. Certification to the scheme demonstrates to customers and business partners that fundamental cyber security measures are in place, and provides evidence to validate an organisation’s security posture. These simple measures can make the difference.
There are two levels to the Cyber Essentials scheme: Cyber Essentials and Cyber Essentials Plus.
- Cyber Essentials requires a company to complete a self-assessment questionnaire, which must be signed off by a senior company representative and then verified by an external certification body. An external vulnerability scan is also required if the company chooses to be certified by a CREST-accredited certification body such as IT Governance.
- Cyber Essentials Plus requires a more advanced level of assurance. In addition to meeting the requirements of Cyber Essentials, organisations must undergo an internal assessment and internal scan conducted on-site by the certification body.
IT Governance is a CREST-accredited Cyber Essentials certification body. To find out how our fixed-price Cyber Essentials solutions can help you achieve Cyber Essentials certification for as little as £300, click here >>