“Security isn’t a dirty word… crevice is a dirty word but security isn’t” so said General Melchett in the wonderful BBC series Blackadder. He is of course correct, security isn’t a dirty word and moreover its a word that is often brushed aside in business as a box ticking exercise but I am here to tell you that getting Cyber Essentials Certified is not only a great way to up your business security game but it can absolutely win your more business as a result, so my advice? Ignore Cyber Security at your peril!
What is all this Cyber Essentials nonsense?
Well Cyber Essentials and Cyber Essentials Plus isn’t nonsense for a start! You probably don’t know this but according to the Department for Culture, media and sport the average Data breach as a result of Cyber attack costs on average £19’400 for each instance. Bear in mind that is just initial losses and does not take into account the long term losses or indeed the reputational losses, customer losses, possible audit issues etc.
Some businesses never recover from a data breach. Why take the chance?
So cyber security is a big deal and getting Cyber Essentials accredited is one of the best things you can do as a business to protect your data and assets from breaches. It tells customers / clients / insurance companies that you are taking Cyber security seriously.
Sorry I digress I have not actually stated what it is yet! Its a government backed scheme to ensure your company is doing all it can to protect both their data and the data of others (customers / suppliers etc). According to the NCSC government website the aim of Cyber Essentials is
“Protect your organisation, whatever its size, against a whole range of the most common cyber attacks”
From a practical point of view consider Cyber Essentials & Cyber Essentials Plus accreditation as a system to check that all your computers/devices within the business have a required level of security and compliance to ensure they are protected from the most common Cyber threats. Any omissions found can be addressed based on the Cyber Essentials suggested resolution. Think of it as a MOT for your businesses security practices.
For Cyber Essentials its easy to think “I have anti-virus so I am covered”, well its not a simple as that.
Cyber Essentials covers 5 key areas:
- Firewalls – Mange access to your network and the internet.
- Secure Configuration – Ensure users can only access what they need to do their job and prevent access to anything that falls outside the scope of the job requirements
- User Access Control – Linked to the above but works on more granular control over each user account
- Malware Protection – Ensuring you have software/hardware in place that will adequately protect against malware/viruses etc and be regularly updated (daily) with the latest virus/malware definitions
- Patch Management – Ensuring your applications and software are up-to-date with the latest security fixes and ensuring you are using compliant software.
So once you are confident you have all the key areas covered then the Cyber Essentials certificate is completed via a self guided questionnaire – This is then reviewed by your Chosen Cyber Essentials supplier (We can sort this for you and assist with the questionnaire) and assuming you answers are good then you get certified! A Cyber Essentials verification lasts for 12 months.
Once certified your company will be listed on the national IASME database here
This means potential customers or existing customers that have had a policy change can confirm you are Cyber Essentials certified. Invariably the requirement to work with only Cyber Essentials certified businesses is driven by a business insurance requirement but we are finding more and more that businesses are consciously ensuring that they only deal with businesses that are serious about data/Cyber security – Being Cyber Essentials certified gives that assurance.
Ask yourself if we employ another business or contractor to do x,y,z how do I know they will look after my data? This is another reason to get your business accredited.
Ok sounds good but how do I go about getting Cyber certified and how much does it cost?
Well the good news is that getting Cyber Essentials certified is a simple case of getting in touch with us, We can take some details and give you a tailored price to go through all the leg work to get your company Cyber Essentials certified. We can get you certified from as little as £500 + Vat
Great but how can that get me more business?
We for starters when you get Cyber Essentials Accreditated through us we will not only give you a digital certificate with QR code that you can add to your social media / advertising campaigns but you can also append to your email signature. This in turn can make you a more attractive prospect to potential clients or customers. Any potential client that has a stipulation for only working with Cyber Essentials certified business can now consider your business for their contract.
We have customers that we have helped with Cyber Essentials and Cyber Security that have been tendering for lucrative big budget and government contracts and being Cyber Essentials certified was a pre-requisite to even get a seat at the table.
We are finding this is the case more and more, if you are looking to win larger contracts especially with big national companies or government contracts then being certified is absolutely required.
Why should we use Red Penguin for Cyber Essentials certification? And what other benefits do I get?
As a starting point we are ourselves Cyber Essentials Certified – Seems obvious that a IT Services company would be certified but you would be amazed how may that are not. If you want to confirm this for yourself just look us up on the government IASME lookup site here
So having gone through the process ourselves as well as getting many of our customers certified we know the process, this leaves you to focus on your business.
Also with our Cyber Smart system we can complete all the paperwork on your behalf after confirming some simple facts with you about your business and if you wanted our pro-active package we can also install a Cyber Essentials monitoring app on your company computers which will let us know if any of your computers fall out of compliance.
If during our initial fact finding phase we come across areas that need resolution then our combined 25+ years of working in the IT industry means we can get any hurdles levelled with minimum fuss.
Not only that but you also get £25’000 of Cyber insurance to cover against Cyber breaches.
Not bad!
What is is this Cyber Smart system you mentioned?
Excellent question, saving the best until last!
We partner with a Cyber Essentials specialist called Cyber Smart and through our partner portal we can handle the entire process for you , at the end of the process we can give you all the reports and certificates you need to start proclaiming to the world (or your Instagram feed at least..) that you are now Cyber Essentials Certified.
Not only that but our Cyber Active Protect system can monitor all your devices and report back whenever a change is made that causes that device to become non-Cyber Essentials compliant. You see Cyber Essentials is a bit like a car MOT. It confirms you meet the criteria at the time of testing but it does not confirm compliance after that point (not until your next assessment in 12 months time anyway).
Cyber Active Protect will monitor your systems and report to us any compliance issues in real-time.
Ultimately the idea is to not suffer a breach or Cyber hack at the end of the day and that is what the Cyber Smart system can help achieve.
Take a look , we can view all the required info for compliance from our partner portal. We can see how many devices you have, if any devices are out of compliance, if you have any certificates expiring etc.
We do more than just get you a certificate!
What else can it do for me and my business?
How does free online Cyber Security training for your staff sound?
With our Cyber Protect system we can enrol your staff into a Cyber Academy and from a simple web portal they can navigate through a series of 12 online training sessions with interactive tests at the end of each chapter.
We can even give you or a chosen person admin access to see who has completed what and if anyone needs assistance in certain areas.
Ultimately its your staff that are handling customer data / financial data etc so making sure they understand Cyber Threat concepts can really make a difference, again this is something that sets us apart from your average Cyber Essentials certification provider
So as you can see Cyber Essentials is something that you really should look into and as always The Red Penguin Group Ltd can help with Cyber Essentials or any IT, Broadband or VOIP query you may have.