Government pushes for wider use of Cyber Essentials scheme

The government has said it will be pushing for more companies to gain certification to the Cyber Essentials scheme. The scheme is backed by the government and contains five key controls that, when implemented correctly, can prevent the majority of cyber attacks.

The plan was announced by the minister for digital and culture, Matt Hancock, during last month’s cyber security summit at the Institute of Directors in London.

“Numbers are really starting to grow,” he said. “Already, we’ve awarded more than 6,000 certificates to date, with the numbers more than tripling in the past year.”

According to Hancock, this growth proves that Cyber Essentials is “an effective tool which can be built on to achieve greater security in our organisations”.

The government already requires all of its suppliers that handle sensitive data to hold a Cyber Essentials certificate, but Hancock said that it will now be “strengthening this requirement to ensure even more of our contractors take up the scheme”.

Securing organisations’ supply chains

This announcement signals a growing shift in the importance and authority of the Cyber Essentials scheme. In addition to the government’s requirement for suppliers to be certified, many organisations will feel the pressure to achieve certification.

For instance, larger companies, especially FTSE 100 companies, will need to certify in order to secure their supply chain, and small and medium-sized enterprises (SMEs) will need to certify in order to work with larger buyers.

Cyber Essentials shows organisations how to address cyber security vulnerabilities in a way that, as Hancock said, is “simple, low-cost and specifically designed for SMEs”.

He added: “All firms which rely on the Internet should have Cyber Essentials – as a minimum”.

Benefits of Cyber Essentials

The Cyber Essentials scheme provides a number of benefits. A certified organisation will be able to:

  • Demonstrate its security to clients, insurers, investors and other interested parties.
  • Increase its opportunities, having an advantage in the private sector and the necessary qualifications to bid for government contracts.
  • Save money, as insurance agencies look favourably on organisations with Cyber Essentials.

It’s also worth noting that the Cyber Essentials scheme will help organisations address other compliance requirements, such as those of the EU General Data Protection Regulation.

If you want to experience these benefits, you should consider certifying in the Cyber Essentials scheme with IT Governance. We are the leading CREST-accredited certification body, having awarded hundreds of certifications since the scheme began.

Find out more about Cyber Essentials and how you can certify >>