Cyber Essentials

Keeping your Business Safe.

Nowadays, businesses face a constant threat that has grown increasingly in the past 10 or so years: cyber-crime. It has gone hand in hand with the increase of data available online. Not only does experiencing a cyber-attack cost you time and money in rectifying the issue – it can also result in a damaged reputation and instant loss of trust among your customers.

Common cyber-crime can affect any business that doesn’t have basic cyber-security measures in place. According to the National Cyber Security Centre, nearly 50% of UK businesses were affected by cyber-crime in 2017. Businesses can protect themselves against the most common types of cyber-crime with the Cyber Essentials scheme, the certification body which provides guidance on implementing basic, affordable technical controls to keep your systems safe.

How could cyber-crime affect your business?

Here are just three of the most common scenarios that could lead to a cyber-attack:

Phishing: Hackers gain access through an employee – e.g. by misleading them into clicking on a harmful link in an email, causing malware to enter into the system.
Outdated IT systems: If your software or operating systems are out of date, or don’t have up-to-date security patches, this can leave them vulnerable to a cyber-attack and data breaches.
Human error: Data can be lost, stolen or misused through human error – such as an employee deleting a file, leaving a USB stick on the train or working on sensitive files in a public place (e.g. where someone could be looking over their shoulder).

What is Cyber Essentials?

Cyber Essentials is a UK government-backed scheme that was launched in June 2014 to help businesses implement basic, affordable cyber-security controls and show customers and stakeholders that they take security seriously. It is of increasing importance to businesses large and small – both in terms of basic cyber-security and helping them comply with the new GDPR requirements that came into force on 25th May 2018.

How Cyber Essentials works

To gain Cyber Essentials certification, your business needs to show that it has the following five technical controls in place (the scheme provides clear guidance on implementing them):

Boundary firewalls
Secure configuration
User access control
Malware protection
Patch management

By implementing these basic controls, your business will be protected against opportunistic unskilled cyber-attackers – giving you and your customers peace of mind that their personal data is secure. The certification is a strong sign that your business is forward-thinking and cares about its customers, perhaps helping you win more business. As your business grows and develops, you can build on your cyber-security with Cyber Essentials as a foundation.

“Cyber crime poses a real and growing threat for all businesses and small firms in particular and should not be ignored. In the face of an ever increasing threat of cyber attacks, the FSB supports the Cyber Essentials scheme as an additional and important tool, designed to help reduce the risk to small firms and improve the resilience of the sector”

Mike Cherry, National Policy Chairman
Federation of Small Businesses

Your Cyber Essentials options

The Cyber Essentials Assurance Framework offers two main options – Cyber Essentials and Cyber Essentials Plus – depending on the level of assurance you need and how much you want to spend. Both options require self-assessment, with Plus including an onsite audit that provides evidence of protection against various scenarios involving a cyber-attack.

Your Next Steps?

We’re very good at making sure systems are protected and safe, and would hate to see your business suffer the reputational and profit damage that a cyber-attack would involve.

Our Cyber Essentials guide covers all the nitty gritty of the accreditation and how Cyber Essentials could help you protect your company from cybercrime in one handy PDF.

DOWNLOAD PDF