What’s the risk?
In the early days of 2018 came Spectre and Meltdown, hardware vulnerabilities enabling programs to steal data processed on a device or in the Cloud, that should be inaccessible and secured – for example, personal data and photos. Vulnerabilities are common in many types of popular software, they are frequently being discovered (i.e. daily) and, once known, can quickly be exploited by cybercriminals.
The potential impact of the above is increased with the introduction of the General Data Protection Regulation, which comes into effect May this year, placing a higher degree of accountability on organisations with regards to data privacy and protection. Organisations will be held responsible for data breaches, with the potential to face hefty fines as well as reputational damage.
How can Cyber Essentials help?
Cyber Essential is a government-backed scheme supported by industry, which outlines five fundamental principles required to mitigate cyber risk:
1/ Patch management
2/ Boundary firewalls and internet gateway
3/ Secure configuration
4/ Access controls
5/ Malware protection
One of the six principles of GDPR is to safeguard personal data adequately. Certification in the Cyber Essentials scheme provides a clear demonstration to the ICO as well as assurance to your clients, investors, suppliers and stakeholders, that you take cyber security seriously and have taken fundamental steps to reduce the risk of a data breach.
How can we help?
We are both Cyber Essentials Plus accredited and accredited Cyber Essentials Practitioners. We can, therefore, provide guidance and assistance to enterprises looking to achieve Cyber Essentials, through to completing the application.
Here is the feedback from the Cyber Essentials Certification Body, talking in relation to a professional services company we recently helped become fully Cyber Essentials Plus certified: ‘The tests went extremely well. Thank you for having the Instant On IT engineers on site; they both did a great job. So much so, I think it’s the fastest test I have done so far!’
Contact us for: IT Security, Cloud Services, Infrastructure Consultancy, IT Management & Support