Knowledge Base
In 2014 the UK government launched the Cyber Essentials scheme. This is a certification which asserts that companies who have qualified for Cyber Essentials are meeting the minimum required standards to be considered cyber secure.
There is absolutely no doubt that number and frequency of cyber-attacks is on the rise, and fast. With a Cyber Essentials certification, you can rest assured that you have completed all the recommended steps to offset the risk of a cyber-attack on your business.
A cyber-attack is defined in general terms as an assault performed using a computer (or computers) by cyber criminals, against a victim’s computer, computers, or an entire network of computers. The result of a cyber-attack can lead to several very serious implications for a user and even more serious implications for a business, including:
To qualify for Cyber Essentials certification, you must ensure your organisation’s compliance in these five areas:
These five areas represent the minimum efforts that any organisation should undertake to keep their business and their customers safe. In fact, many companies already meet these standards, so why not make it official?
ABtec can help you on your certification journey to achieve Cyber Essentials or Cyber Essentials Plus. Both certification paths have different levels of involvement that are required by our engineering team
A standard Cyber Essentials certification is a more straightforward exercise, where your IT team is required to complete a physical self-assessment of your IT environment, and the certification body will evaluate your answers and pass or fail you based on the answers given. The cost of the certificate itself is £350 + VAT, plus the time required by your IT team to complete the paperwork and carry out the physical inspections. Trust from all parties is required that the answers supplied are accurate.
On the other hand, a Cyber Essentials Plus is a lot stricter, and involves the certification body physically testing and auditing the IT system, as well as the answers provided. Because of this, the costs involved are a lot higher, starting with a £1500 + VAT fee from the certification body, in addition to any IT team costs involved.
As you can imagine, a Cyber Essentials Plus certificate holds a lot more weight than a standard Cyber Essentials.
Having a Cyber Essentials certificate is a great way to know (and prove) that you have carried out all that you can to offset or prevent any type of cyber-attack on your business and be confident that you have the correct, up-to-date software, hardware, and processes in place.
Furthermore, having the Cyber Essentials logo on your website or marketing materials is a great way to stand out from the competition and lets new and existing customers know that your organisation takes the security of their data seriously. As Cyber Essentials certification becomes more prevalent, many potential customers will notice if you do not have the Cyber Essentials logo on your materials, especially if your competition does.
Insurers have indicated that Cyber Essentials compliance is a factor they account for when considering insurance premiums for events like data breaches and ransomware attacks.
More and more industry bodies are making Cyber Essentials compliance a key part of their requirements. For example, it is now a requirement for law firms that wish to obtain Lexcel accreditation to first have Cyber Essentials certification. Cyber Essentials is also a requirement for any organisation that wishes to undertake a government contract whereby they handle sensitive data on the public.
ABtec IT Services can assist you in the process of complying with these five areas of control and once you are compliant, we can approve your application for Cyber Essentials.
We are excited to be able to offer Cyber Essentials compliance as a service to both new and existing clients. Get in touch today to find out more. Get in touch to find out more.