The benefits of Cyber Essentials certification
Virtually every organisation relies on digital services in some way, but where there is technology there is risk.
Many organisations – smaller ones in particular – believe they are unlikely to be targeted by cyber attackers, but that is to misunderstand the nature of modern cyber crime.
In fact, the majority of criminal hackers aren’t state-sponsored agencies or activists looking for high-profile targets, and they don’t spend countless hours staking out and researching their victims.
Instead, they’re more opportunistic, using automated attacks to exploit poorly protected targets.
Just as an organised burglar might scout for inadequately safeguarded properties, the modern cyber criminal will send phishing emails or network scans looking for vulnerable systems.
IT Governance is a CREST-accredited certification body for the Cyber Essentials scheme but from 1 April 2020 will be accredited by IASME, in line with changes to the Cyber Essentials scheme implemented by the NCSC. You can learn more about these changes below.
Achieving Cyber Essentials or Cyber Essentials Plus certification with us will help protect your organisation against such threats and win you significant commercial advantage.
Protect against approximately 80% of cyber attacks
Implementing the five controls correctly will help protect your organisation and commercially sensitive data.
Demonstrate security and help secure the supply chain
Certification shows your commitment to security, demonstrating to your business partners, regulators and suppliers that you take cyber security seriously.
Increase chances of securing business
Certification gives you a competitive advantage, particularly with rivals without accreditation.
Work with the UK government and MoD
Cyber Essentials certification is s a mandatory requirement to work with the UK government. Cyber Essentials Plus will give you the opportunity to work with the MoD.
Reduce cyber insurance premiums
Cyber insurance agencies look more favourably on organisations that have achieved Cyber Essentials certification.
The advantages of working with a CREST-accredited certification body
By choosing a CREST-accredited certification body such as IT Governance, you will benefit from an additional level of independent verification of your cyber security status, provided by an external vulnerability scan.
Although non-CREST-accredited certification options exist, none offer the same level of independent verification and stakeholder assurance that the CREST-accredited option does.
Hundreds of organisations have achieved CREST-accredited certification to the scheme, with many more achieving certification every day. These organisations have boosted their competitiveness and are reaping the benefits.
In 2020, the NCSC (National Cyber Security Centre) will implement some changes to the Cyber Essentials scheme to prepare it for the future. The current five Cyber Essentials accreditation bodies will be replaced by one. From 1 April 2020, The IASME Consortium will operate as the sole accreditation body for the scheme.
In support of this change, IT Governance will become an IASME-accredited certification body from April next year. We will continue providing the high level of cost-effective ongoing service our clients expect from us and will ensure the transition to the new arrangements is seamless. In the meantime, and in line with current arrangements supported by the NCSC, our clients will continue to be certified under CREST, and all existing and new certifications will continue to be valid and in line with current requirements.
Did you know?
The government's Cyber Security Breaches Survey 2018 found that more than two fifths (43%) of businesses and almost one fifth (19%) of charities experienced a cyber security breach or attack in the previous year.
The financial effects of these breaches can be considerable. For medium-sized businesses, the average (mean) cost of a data breach is £16,100. For large businesses it is £22,300.