We have recently achieved our Cyber Essentials certification. We’re now helping our clients to become compliant with this important government scheme.
One of the most important areas of risk for your businesses or organisations comes from your IT. Computers and devices hold more information than ever before. As such, they are serious target for criminals and hackers, making them more susceptible to attack than ever before as well.
Maintaining a high level of cyber security couldn’t be more important. It’s key to protecting your customers personal and financial information from hackers. But it’s also vital to keep your computer systems safe from other threats which could compromise their functionality, such as viruses, malware and ransomware.
In the last 12 months we have reported on a number of high-profile cyber crime incidents, many of which target small businesses just as much as the larger ones. The result is that the government backed Cyber Essentials scheme is now more important than ever for businesses of all sizes.
Cyber Essentials is a government and industry backed scheme designed to help all organisations protect themselves against common cyber-attacks.
In collaboration with Information Assurance for Small and Medium Enterprises (IAMSE) and Information Security Forum (ISF), Cyber Essentials sets out basic technical controls for your organisations to use which is then annually assessed.
Once you’re fully compliant you can receive a certificate to indicate to your stakeholders and customers that they have all the right safety measures in place.
Currently there are two levels of certification:-
● Cyber Essentials – which includes a self-assessment questionnaire and an external vulnerability scan. This will defend against common attacks that target enterprise-level and corporate IT systems.
● Cyber Essentials Plus – recommended for businesses that need to demonstrate a higher level of security assurance. Including all the Cyber Essential assessments with an additional internal scan and an on-site assessment.
Wood ITC are proud to have become Cyber Essentials Plus certified and are now helping other businesses become complaint as well.
Cyber Essentials addresses five controls that can prevent around 80% of cyber attacks. These are:-
1. Boundary firewalls and internet gateways – to a basic level of protection for internet users.
2. Secure configuration – to make sure your computers and network devices are secure.
3. Access Control – to manage employees and their access to information
4. Malware Protection – protecting all your devices on your system.
5. Patch management – keeping your software up-to-date the software on your systems.
Cyber Essentials shows people that your organisation is security conscious. No matter what your organisation does, Cyber Essentials certification will show people that you are taking measures to secure their data. It will:
● Demonstrate to customers your commitment to security
● Defend your organisations critical data against prevalent cyber threats
● Ensure you company retains a sound reputation
● Enable your organisation to bid for Government contracts
The General Data Protection Regulations, (GDPR) that came in earlier this year have meant that many organisations have needed to review their privacy management. Organisations with Cyber Essentials Certification are in an advantageous position. The Information Commissioner’s Office (ICO), whose job it is to uphold the GDPR in the UK, recommends Cyber Essentials as ‘A good starting point’ for the cyber security of the IT businesses rely on to hold and process personal data. The technical controls in Cyber Essentials will give you a solid base on which you can build your cyber security.
You too can become Cyber Essentials certified to secure and boost your business through Wood ITC.
We are Security Specialists with years of experience in helping a sizes of business secure their data assets. We can help you increase organisations security and reduce your exposure to Cyber Crime.
As an accredited Cyber Essentials certification body, we will help you conduct your assessment, report the outcome to the Accreditation Body and supply you with your certificate.
We also provide consultancy services to help improve your security practices and secure vulnerabilities within your IT systems and software.
If you’d like to discuss how Wood ITC can help you obtain these accreditations without the headache or you’re unsure which certification is more relevant to your business, click here to arrange a chat with one of our team.