Cybercrime is costing SMEs billions of pounds a year, according to latest Federation of Small Businesses (FSB) research. They also report that one in five (20%) of small businesses have experienced a cyber-attack against their business in the two years to January 2019.
A question that every Managing Director has to be asking is:
“How can we make our business’s IT assets and infrastructure more secure?”
To answer this question, we look to the Cyber Essentials standard, because it’s a structured methodology to manage your organisation’s cyber security.
Cyber Essentials
Cyber Essentials is a UK government backed scheme, which launched in 2014. It’s aimed at business IT and focused on getting adequate security for the most common threats.
As of June 2019, almost 30,000 Cyber Essentials certificates had been issued and the National Cyber Security Centre reports, “as far as we are aware, none of the systems certified has experienced a significant cyber security breach.”
Some government contracts require Cyber Essentials certification. However, whether your customers are demanding this standard or not, having it is a clear sign that you take their data protection seriously as well as that of your suppliers, employees and other stakeholders.
The scheme has evolved over time to meet the changing threats in cyber security, and more changes are planned in 2020.
Certification costs £300 and involves filling in a questionnaire on your IT security. Depending on the state of your systems, there may be work needed to get you up to the minimum standard.
Cyber Essentials comprises five key controls:
- Access Control
- Boundary Firewalls and Internet Gateways
- Malware Protection
- Patch Management
- Secure Configuration
When you have these five things right, your security will meet the standards required for Cyber Essentials.
If Cyber Security is on your board agenda for 2020, Cyber Essentials is a great place to start. Want to find out more? You can call us on 03331 50 60 70 or send us a message.