The number of organisations that are certified to the Cyber Essentials scheme is growing rapidly, and it’s no surprise. The scheme is designed to “make the UK the safest place to do business online” and provides a range of different benefits without requiring a huge buy-in. Here are just a few of the major selling points:
Protect your organisation
By certifying to the Cyber Essentials scheme, your organisation will prove that it has implemented basic cyber security hygiene – a level of security that GCHQ believes could have prevented 80% of cyber attacks in 2011.
The scheme is built on CESG’s 10 Steps to Cyber Security and covers five key areas:
- Secure configuration
- Boundary firewalls and Internet gateways
- Access control and administrative privilege management
- Patch management
- Malware protection
Establishing a basic level of cyber hygiene through implementing these basic controls will solve a lot of problems and protect against most low-level threats.
Speaking about the scheme, Alan Calder, founder and executive chairman of IT Governance, said, “Cyber Essentials is genuinely the minimum level of cyber security that every organisation should have in place.”
1 October 2014 marked the date that the UK Government requires suppliers bidding for certain information handling contracts to be Cyber Essentials certified. If your organisation holds the Cyber Essentials badge of compliance, then you’ll be putting yourself ahead of your competitors who are yet to comply.
Certification won’t just win you business with the government. Organisations that are looking for suppliers are far more likely choose one that can demonstrate that they protect customer information.
Improve customer confidence
The Shopping Behaviour after Security Breaches study revealed that retailers who have suffered a security breach will lose 12% of their loyal customers and 36% of their customers will shop at those retailers less frequently.
These statistics make it clear that consumers care about the security of their information, so if you can provide evidence that your organisation is doing the best it can to look after that information, you’ll improve the confidence your customers have in you.
Small buy in, big results
Becoming compliant to the scheme isn’t as expensive as you might think, nor does it take a great deal of time.
“Most large organisations would have already implemented important cyber security controls,” Calder explains. “As in the case of one of our large clients, it is more a matter of ensuring that these controls are in line with the scheme’s requirements and that the necessary external and, if applicable, internal assessments have been conducted.
“Small- and medium-sized organisations, on the other hand, will benefit from the scheme by ensuring they implement at least a minimum level of security. It is important to note that certification to Cyber Essentials or Cyber Essentials Plus is not difficult – with the right level of competent support, most organisations should be able to execute it quickly.”
At only £3.49, this low-cost book will provide you with a detailed explanation of Cyber Essentials, leaving you with an understanding of the scheme’s requirements and how to implement the controls correctly.
This free will help you decipher whether or not you are likely to meet the requirements of the Cyber Essentials scheme.