The Cyber Essentials accreditation was launched in 2014. This government-backed scheme is designed to help businesses learn how to effectively protect themselves, and their customers’ data from the threat of a cyber attack.
Around 80% of cyber attacks could be prevented if all SMEs implement Cyber Essentials best practice.
As well as educating businesses about cyber crime and how it works, it also provides an assessment to mark your business against with a certification when you can meet all the necessary standards. This is great for peace of mind that your cyber security is robust and can also have a hugely positive effect on your business’ marketability.
However, gaining the Cyber Essentials accreditation doesn’t mean your work is done which can be the common misconception. It marks the effectiveness of your current cyber security practices and gives you a framework to follow for necessary improvements; but even when you sit with the-best-of-the-best with your shiny Cyber Essentials badge on your website, there is still more you can do.
Life after Cyber Essentials Accreditation – your 4 next steps.
Step 1: Staff Awareness
Yes, we’re beating that drum again but social engineering techniques are so successful for cyber criminals, staff awareness is the only way to beat them.
54% of businesses have fallen victim to a social engineering cyber attack during the last year.
We always recommend staff training and offer all of our client’s free cyber awareness training for all of their employees but it takes more than just a one-off session. Cyber security should be introduced to your business culture – here are some ideas you could implement:
– Regular varied training sessions
– Policy and procedure documents employees can refer to
– Reassurance that cyber security comes first – if a payment is late due to a security concern, that’s OK.
– Simulated phishing attack drills
Step 2: Vulnerability Assessments
If a hacker can’t find a way through the back door one day, that doesn’t mean they won’t the next. Whether due to missed updates or an advanced cyber attack, new vulnerabilities can crop up in your IT systems at any point.
Running a vulnerability assessment on a regular basis will help you discover new weaknesses in your security before a cyber criminal does. This extra precaution is a simple one to put in place and will make your business as secure as possible.
Step 3: Independent Assessments
The Cyber Essentials Accreditation can be achieved with a self-assessment but there’s a good reason why teachers get students to mark each other’s work. Seeing our own errors can be difficult and a pair of fresh eyes can often see things clearer.
Even if you already have the Cyber Essentials certification (and shiny badge on your website), it’s often very worthwhile gaining an independent cyber security assessment to make sure your business is as tight as possible. In almost all cases, an independent assessment will find a vulnerability that can be improved upon.
Step 4: Keep up to date
We always recommend you keep up with the latest developments in the world of cyber crime. You can sign up to our newsletter, continue to check our blogs or the IT Governance blog is a great source of information too.
Just remember, cyber crime moves just as fast as technology.
Jupiter IT Is More Than IT Support – It’s IT Consultancy
At Jupiter IT, we’re committed to helping other businesses polish their cyber security to the point of perfection. We are proud to have achieved the prestigious Cyber Essential Plus Certification. As experts in this standard and can help you achieve the Cyber Essential Accreditation too.
To find out more, drop us a line – we’re waiting to share our expertise with you.