You’d be surprised at just how many businesses think they won’t be a target of cyber crime. Are you one of those?
Every business is digital, they might just not know it yet.
And of course, where there is technology, there is risk.
But the benefits of technology can far outweigh the negative.
We mitigate risks in many other areas of our businesses – health & safety, fire and even physical theft.
So why wouldn’t you mitigate the risks of cyber crime?
Because the consequences are rarely physical, maybe we look past it.
But as a minimum, your business should be Cyber Essentials certified.
To put it in perspective, it’s like having an intruder alarm for your business – it’s only good if you have processes in place to ensure someone closes the windows and locks the doors each night.
My aim today isn’t to talk about what it is, but more the benefits to your business (although if you want to know more, you can find out the ins and outs about it here)
Let’s get stuck in to the 5 core benefits.
1. Protected against almost 80% of cyber threats
The same applies here, you can have the best security in the world. If someone leaves a window open, there’ll likely be an opportunist to take advantage. The same goes digitally.
Cyber Essentials works on five core controls:
- Securing your internet connection
- Securing your devices and software
- Controlling access to your data and services
- Protecting from viruses and malware
- Keeping your devices and software up to date
Implementing these five controls “correctly” protects your organisation and your data.
More on what “correctly” means below.
2. Securing your supply chain
This isn’t just about what’s in it for you. Implementing Cyber Essentials is a statement. Your suppliers, vendors, business partners and clients will see you take cyber security seriously.
You’re not just protecting your business, you’re helping protect theirs too. This commitment to security is added value that can help form formidable partnerships to help your business grow and your customers feeling valued.
3. Win more business
Given benefit 2, this one may seem a little obvious. However, if this is the primary reason you get the certification, you’ll soon get found out.
Whilst obtaining the certificate gives you a competitive advantage, you can quickly get found out if you don’t choose your partner effectively.
4. Work in new markets
Want to work with local governments? Schools? Police? NHS Trusts? Fire & Rescue? MoD? For most government organisations, Cyber Essentials & Cyber Essentials Plus certification is a mandatory requirement to be considered a potential supplier.
After all, being in mission critical environments, they need the security of a supply chain that won’t fail to deliver.
A cyber attack can paralyze a business leaving them unable to operate basic day-to-day operations and ultimately delivery of their products or services.
5. Cheaper cyber insurance premiums
Insurance is never the cure. If you’re relying on it as the only line of protection, you’re paying for it. Ultimately, mitigating risks and prevention is more proactive. Cyber Essentials shows you’re serious about business and deemed a more responsible business.
How do I choose a Cyber Essentials partner?
First things first, you need to make sure they have a certificate. You can search for an organisation here.
Make sure you check the expiry of the certificate, if it is nearing the end – will they be renewing it without a break in certification. A break often means they’re having to prepare to become recertified.
Look at the certificate level too. For most businesses, Cyber Essentials is sufficient. However, if you’re looking to get certification, you should look to work with a partner that has Cyber Essentials Plus certification.
Why? Would you trust a butcher that buys his meat from another butcher? A partner that specialises in Cyber Security will not just know and show you how to be more cyber secure, they’ll do it themselves.
Cyber Essentials Plus isn’t just self-certified, it is verified by independent experts.
Which brings us on to paying attention to the accrediting body. Whilst there are others, they don’t offer the same level of stakeholder assurance provided by an external vulnerability scan.
If you put a fire extinguisher in your office, you ideally need to show someone how to use it, right?
Look for a partner that can offer some training for your colleagues on what the policies are, how to implement them and helping them understand the benefit of it – they’ll get some great tips on how to keep themselves and their families safer online too.
Tell me more
Every business is different – this is not just a tick box one size fits all. Whilst the 5 core pillars remain the same, they tend to apply differently to how each business uses technology.
If you want to know more about what Cyber Essentials will entail for your business – get in touch. We can come and see you for a friendly chat (absolutely no obligation).
You can call us on 01482 974444 or email [email protected]