We are very pleased to announce that we are the first business in the Highlands and Islands that has achieved the UK government backed Cyber Essentials scheme badge for cyber security. The Cyber Essentials scheme was released in June 2014 and today just over 1,000 businesses have managed to achieve this accreditation and given the very recent media coverage of the Talk Talk data breach it is ever more important that UK businesses implement controls and policies to protect against this threat. In addition to achieving Cyber Essentials, we also achieve ACE Practitioner status and are able to offer assistance to businesses that wish to achieve Cyber Essentials.
Scottish businesses are being urged to utilise a government backed scheme to protect themselves against cyber threats. According to the Department for Media, Culture and Sport, while businesses are reaping the rewards of operating online and now earn £1 in every £5 from the Internet, cyber attacks are considered a growing and serious threat to UK businesses. The latest figures reveal that 74 per cent of small businesses and 90 per cent of major businesses has had a cyber breach of security in the last year.
Ed Vaizey, Minister for the Digital Economy recently said “Trust and confidence in UK online security is crucial for consumers, businesses and investors. We want to make the UK the safest place in the world to do business online and Cyber Essentials is a great and simple way firms can protect themselves.”
Many small businesses feel that their cyber risk is low and whilst there are many examples of large businesses being affected in the public domain, there are few examples of Scottish SMEs being affected due to the stigma of suffering a breach. Taking for example the small structural steel company that spent £28,000 recovering and protecting from a minor virus infection whilst also having costs of £1.2M in contractual claims and re-engineering due to the damage caused by the virus. Thankfully for this business these losses were covered by their insurance provider but they suffered reputational damage as a result of the incident in addition to the operational impact. The insurance industry is beginning to wake up to the cyber security risk and now offers new products protecting against the risk but businesses will need to demonstrate their cyber risk management policies to ensure compliance.
Businesses are encouraged to consider achieving one of the Cyber Essentials scheme’s two levels of accreditation badges that signify their adherence to the government endorsed standard. Cyber Essentials sets out five basic technical controls which assist in protecting a business against the majority of Internet threats like viruses, malware and hacking. Details of the Cyber Essentials scheme can be found at www.cyberstreetwise.com/cyberessentials and whilst it is a self -assessment survey businesses may wish to work with a qualified Cyber Essentials Practitioner who is independent of their current IT service provision in order to ease the process of achieving a Cyber Essentials badge.