Ascent Cyber FAQ
Cyber Essentials FAQ
What is Cyber Essentials?
Cyber Essentials is a Government backed scheme that will help you to protect your organisation, against a range of the most common threats and cyber attacks. It is a simple, but effective level of cyber security that will give you peace of mind that you have defenses in place to protect you from ‘digital thieves’ and unwanted damage to your business and reputation – and ultimately to protect the confidentiality, integrity and availability of company information.
It addresses 5 main technical controls tha,t once in place, will prevent the most common attacks against businesses in the UK.
What is Cyber Essentials Plus?
Cyber Essentials Plus is the highest level of certification offered under the Cyber Essentials scheme. The Cyber Essentials Scheme is a UK wide, government-backed certification that not only ensures your organisation has the correct technical controls in place to protect yourself from the most common threats, but also tests them against a realistic attack scenario and any vulnerabilities found are highlighted and rectified.
How can Cyber Essentials help my business?
Cyber essentials has many benefits, both as a security measure, and as a way to promote and expand your business. Not only does it show your commitment to cyber security, but it also provides a level of assurance to your clients, partners and suppliers. Cyber Essentials certification also adds an element of prestige to your organisation, and if you are tendering for local or government contracts, can increase your chance of being successful.
Does my business need Cyber Essentials?
We believe that every organisation should be proactive in putting preventative security measures in place, and by achieving the certification, you demonstrate to both clients and cyber criminals that your are committed to securing your information. However, if you are tendering for local or government projects, in many cases you MUST have Cyber Essentials, with some projects requiring a minimum of Cyber Essentials PLUS.
Cyber Security FAQ
What is meant by Cyber Security?
There are many aspects of cyber security, which in a collective effort, aims to protect the confidentiality, integrity and availability of data, connectivity and computer systems against cyber attacks or unauthorised access.
How likely is a Cyber Attack?
In the recent ‘Cyber Ready Report 2020’ published by Hiscox, it is stated that some of the largest losses due to cyber attacks were seen within the UK market. 23% of businesses with 1-9 employees fell victim to cyber attack in the last year alone, costing on average £4,359.00, while almost a third of organisations with 10-49 employees also suffered attacks, costing on average £9,225.00. Similarly, 29% of organisations with 50-249 employees came under attack and experienced average financial loss of £58,750.00.
Why do small businesses need Cyber Security?
Small business are often targeted by cyber criminals due to the lack of budget or investment in proper cyber security measures. Considering that almost a third of the UK SME sector suffered a cyber attack last year, and the growing pressures from consumers to protect their data, it is becoming vital that small businesses take security seriously.
How does Cyber Crime affect businesses?
If your organisation falls victim to a cyber attack, the effects both financially and emotionally, can be long lasting. The economic loss arising from theft of data, financial information, trade disruption and loss of business can be substantial, and cause a huge amount of distress to both business owners and their employees.
Cyber attacks can also damage your business’ reputation and destroy trust you may have earned from clients, partners and suppliers, which in turn can lead to loss of customers, sales and profit.
Is it also important to note the legal consequences of a cyber attack or data breach. GDPR laws are heavily regulated within the UK, and as a business owner you are required to manage the security of data effectively. If any personal data within your organisation is compromised, and you do not have security measures in place, you could face hefty fines.
How can companies prevent Cyber Attacks
There are a number of ways in which to begin protecting your data, systems and networks from cyber threats, including If you have no technical knowledge and not sure where to start, The NCSC has a wide range of freely available guidance documents and interactive sessions that help business owners understand their cyber security needs and start thinking about their security plans.
The UK government has also introduced the Cyber Essentials Scheme which aims to address 5 main technical controls business should implement in order to protect themselves from the growing threat of cyber crime. These include Access Control, Secure Configuration, Firewalls and Internet Gateways, Patch Management and Malware Protection. There is also a more rigorous assessment, Cyber Essentials PLUS, which will test the security of your organisation against basic hacking and phishing attacks.
It is also important for employees to play their part in protecting important company information and client data. Since Covid19 and lockdown, there has been a significant rise phishing attacks – where if successful, an attack can trick an employee into inadvertently downloading malicious content that can infect systems with malware. This in turn can give an attacker unauthorised access and ability to ‘move around’ within an organisation in the search of valuable data or to disrupt day to day activities. Employee training helps educate your staff on typical phishing techniques and what to look out for should a malicious email make its way into your organisation.