Trust between organisations is what makes business possible – you need to be sure that organisations you interact with will fulfil their end of expectations. But how do you know that your partner / supplier / client will securely look after the data you share with them?
According to the 2022 UK Cyber Seurity Breaches Surevy 39% of UK organisations identified a cyber attack in the last 12 months of which 83% were phishing attacks and 21% were more sophisticated attacks such as malware, ransomware of denial of service attacks.
So how you do you mitigate your risk of attack?
Cyber Essentials – protection against cyber attacks
The answer is Cyber Essentials, an effective National Cyber Security Centre backed scheme that helps organisations protect themselves (whatever their size) from the most common cyber attacks. Organisations that achieve certification are entitled to use the Cyber Essentials logo and are entered in a public register of certified organisations making it easy to check on your potential partner.
The Cyber Essentials scheme covers 5 key technical zones:
- secure configuration
- user access control
- malware protection and
- security update management
We’ve seen a number of reasons why organisations get Cyber Essentials certified including:
- required for a commercial or government contract – an increasing number of organisations, particularly government, require their suppliers to be Cyber Essentials certified
- required by insurer – many insurance companies are now getting more wary about writing insurance due to perceived cyber threats and require their clients to be cyber essentials certified. Some even offer lower premiums for organisations that are Cyber Essentials certified.
- to meet data protection requirements – although Cyber Essentials is not specifically required under the UK GDPR, organisations are required to demonstrate “appropriate technical and organisational measures”. Cyber Essentials certification is good way demonstrate care with personal data. and
- to generally improve security – the journey to Cyber Essentials provides great guidance on the things you need to do to improve security.
Whatever their reasons, over 30,000 UK organisations are now Cyber Essentials certified.
Mitigate your risk of attack through Cyber Essentials
Cyber attacks happen all the time. In fact every day there are about 65,000 cyber attacks on UK SMEs! You cant stop these attacks, but you can defeat, avoid or mitigate their impact on your organisation.
Adopting the 10 point set of technical controls in Cyber Essentials can mitigate your risk of suffering an attack by 70%.
Helping CMDi achieve Cyber Essentials Certification
CMDi, a strategic consultancy that helps to improve business performance by sharpening marketing and brand strategy, is a long term IT managed services client of ours. The company holds a lot client confidential data it collects through its assignments and Caroline Philips, Commercial Director, wanted the confidence for herself and her clients that the data was well protected from cyber attacks. So she approached us to guide her through the Cyber Essentials requirements.
Caroline commented on her experience ““PAAC IT took me through the Cyber Essentials certification process. We worked through all facets of developing a set of IT policies, ensuring our technology was compliant and completing the questionnaire. Their guidance was extremely helpful in getting this done”.
We’ve teamed up with Fortis DPM
The Cyber Essentials scheme requires that organisations work with a “Certification Body” to process applications. So we have teamed up Fortis DPC , a Gold certified partner, to offer a comprehensive service.
We will continue to provide customers with IT support, IT security polices and help with the Cyber Essentials questionnaire, while Fortis DPC will provide a thorough review of the answered questions and submit them for certification.
Howard Freemen, Managing Director of Fortis DPC, noted “Our partnership is great for organisations looking to beef up their security and get Cyber Essentials certified. Between us we provide a comprehensive approach for small and medium organisations”.
Ready to get started? email us at firstname.lastname@example.org or call us on 01428770290.