In a piece of research recently undertaken by iZurick it was found that 875,000 SME’s across the UK have been affected by a cyber-attack over the last 12 months.
Karl Greenfield, Head of Cyber Security at CNS adds weight to this statement: Cyber Essentials being a prerequisite “no brainer” for all UK SMEs. SME’s realize they now need to expend resources on cyber defences given the ongoing trend of rising levels of risk from this direction. However, they are faced with the dilemma of choosing from a plethora of expensive cyber offerings, the benefits of which, (where they exist) may be difficult for them to discern, or measure against the priorities of their organization.
Cyber Essentials represents a means of applying cost effective measures across the board, swiftly, and which have the immediate effect of thwarting up to 80% of attacks, while mitigating many of the remainder. The scheme is mature, government backed and based upon UK’s world leading approach. To take an automotive analogy, whereas other nations’ approach to national cyber defence is “I accept the risk due to my car tyres being bald”; the Cyber Essentials approach mandates “My car tyres must have 5mm tread, also steering and headlights must be fully operational”.
Cyber Essentials + takes this a stage further, ensuring that cyber controls such as patching and secure configuration are in place by targeting samples of infrastructure and actually having them tested by an external expert – CNS experience shows that this exercise very often results in raising cyber defences significantly, even among those organizations who were “sure they were doing everything necessary”. Cyber Essentials/+ should be front of the queue in the SMEs cyber budget, not only as the fastest and most cost effective means of raising the cyber hygiene bar to a minimum standard; but also as a potential “get out of jail free card” to wave in front of the ICO, following GDPR “go live” date in May next year. CNS were a Cyber Essentials pioneer and now lead the field of certification bodies with approaching 1000 organizations certified.
Our Cyber Essentials auditors are experienced, well qualified and looking forward to further raising UK cyber defences of current and future clients for years to come.