Launched in June last year, ‘Cyber Essentials Scheme’ is a first step accreditation for IT security for businesses. ISO 27001 is the main security standard many large businesses and county councils achieve. However, it is sometimes too complex for small businesses to gain, as it needs several named individuals in specific security roles within the business. Many policies and procedures need to be in place too.
Rather than leaving many small businesses vulnerable, the UK Government has worked with the IASME consortium and the ISF to help protect small businesses. SMEs are now recognised as part of ‘critical national infrastructure’, as the work SMEs do, and the taxes paid to government, play a critical role in the economy. There are over 22,000 businesses in Worcestershire alone!
Cyber Essentials is a government-backed, industry supported scheme to help organisations protect themselves against common cyber attacks. CESG (the information security arm of GCHQ) has carried out an analysis of successful Cyber Attacks on a wide range of organisations. Around 80% of cyber attacks can be prevented by just five IT security controls. An example of one of these is having up-to-date anti-virus software.
The intention is that compliance with Cyber Essentials will add value to the majority of organisations, demonstrating to customers, partners and stakeholders that your business takes information security seriously.
This accreditation has been pitched at small and medium sized enterprises (SMEs). Larger companies are gaining accreditation too, which is helping to endorse the scheme.
Accreditation costs start at just £300 for the self-assessment version. Consisting of around 120 questions of mostly yes/no responses, allows the business to calculate cyber-risk. Whilst completing the self-assessment, many clues about how to reduce cyber risk emerge.
To find out more, visit the www.gov.uk website and search for ‘cyber essentials scheme’. Let’s help make Worcestershire ‘the safest place in the UK to do business’.