Greenwich Communication Services achieves accreditation as Cyber Crime-Fighting Super-Hero! Whilst Batman kept the streets of Gotham City safe from the underworld antics of the Penguin, Joker and Catwoman. Local IT firm, Greenwich Communication Services (UK) Ltd (GCS) has tooled up to fight a whole new breed of villain – the Cyber Criminal. Recently accredited as a Service Partner for the Government backed, industry supported ‘Cyber Essentials Scheme’. GCS will support local businessesto attain the cyber hygiene standard ‘Cyber Essentials’ or ‘Cyber Essentials Plus’ – badges which demonstrate an organisation’s effort to protect themselves against common cyber-attacks. GCS has joined an elite group of practitioners, nationwide, who are able to support organisations to achieve their Cyber Essentials Certification - an invaluable kite mark and roadmap for organisations wishing to improve their cyber-security as well as improve their chances of winning tenders for Government contracts. Background As part of the National Cyber Security Programme, the government engaged with the Information Assurance for Small and Medium Enterprises (IASME) consortium and the Information Security Forum (ISF) to develop a set of technical controls. These controls would form the basis of a kite mark for ensuring businesses protected themselves against cyber-attacks. Cyber Essentials provides a clear statement of the basic controls that all organisations should implement to mitigate the risk from common internet based threats, within the context of the Government's 10 Steps to Cyber Security. Current status The Cyber Essentials scheme was launched last year to provide basic yet cost-effective cyber security. Since then, its principles have become increasingly relevant to businesses exposed to cyber-risk (any business that uses a computer or mobile device connected to the internet). However, there are still concerns that many organisations underestimate the financial costs of a cyber-breach and the associated value of Cyber Essentials. The Cyber Essentials Scheme is now gathering momentum – potentially having a greater impact on improving information security in the UK than any other single initiative. Industry is beginning to appreciate the enduring benefits of certification and early adopters have realised that Cyber Essentials certification is a cost-effective way of ensuring a standard level of assurance is in place, that the company understands the risks and is demonstrating that to the wider market. Market advantage Early adopters are gaining market advantage by demonstrating their cyber-security awareness. The UK Government has mandated the requirement for Cyber Essentials in many government contracts and their associated supply chains – from car hire to NHS supplies. Firms may have a disaster recovery plan, which enables them to continue operating in the event of a major incident, such as a fire or flood, but most do not mitigate for a cyber-attack, which is far more likely. Many supply chain companies are now recognising the importance of this standard and some insurance companies are even offering substantial insurance benefits for early adopters of the standard. Ignoring cyber-security is no longer an option. One in ten organisations that suffered a breach in the last year were so badly damaged by the attack that they had to change the manner in which they conduct their business. Getting Cyber Essentials Certified George Ogbebor, Cyber Security Specialist at GCS said “The IASME consortium have seen large numbers of companies who would never usually have bothered about cyber-security and have no cyber-security expertise use the Cyber Essentials Scheme as a simple step-by-step route to improving their cyber security. That’s what we do here at GCS – help organisations to follow a step-by-step approach to cyber security by implementing tiers of control that will reduce cyber risk by 80%. Even commercial supply chains have started to realise that it’s in their interests to work with companies that have at least a basic level of cyber-security, so there’s commercial benefit from that too. Although cyber-security is a complex area, the achievement of the Cyber Essentials certification requires the satisfaction of basic requirements, which we can help with. As a qualified Cyber Essentials Practitioner, my job is to review the set-up of a company’s network and then support them to implement policies and controls which will lead them to the point where they can be formally assessed for their Cyber Essentials Certification. Once they’ve achieved their certification they can brand their marketing materials with the cyber essentials badge and maximise their business opportunities across all sectors”. Information Risk Management An organisation's approach to information risk management becomes integral to its operations and demonstrates market leadership in cyber-security. Cyber Essentials offers a useful mechanism for organisations to effectively demonstrate to customers, investors, insurers and others that they have taken the essential precautions. Failure to adequately protect against cyber-threats and prevent data loss can lead to share price impact, financial penalties and reputational loss. The new European Union General Data Protection Regulation, which is likely to replace the 1998 Data Protection Act, will oblige the protection of personal data with significant penalties for data breaches – up to 5 percent of a company's annual turnover. Implementing Cyber Essentials demonstrates that organisations are taking measured steps to mitigate the risk to personal data from internet-based threats. The 2015 Information Security Breaches Report, showed that the average cost of the most severe online security breaches for big businesses (500+ employees) now starts at £1.46m (up from £600,000 in 2014), while the cost to SMEs was between £75,000 and £311,000 (up from £65,000 to £115,000). Its findings were based on a survey carried out by PwC for the Government’s Department for Business, Innovation and Skills. It found that 90% of large organisations reported they had suffered an information security breach in the past year, while 74% of small and medium-sized businesses reported the same. And while attacks from outsiders have become a greater threat for all firms, 75% of large businesses and 30% of small business have suffered internal, staff-related security breaches. Cyber crime is a huge issue - and rapidly growing – it threatens businesses of all sizes, which makes increasing awareness of cyber security and its importance to local businesses, an urgent priority. While staying safe and secure online should be a key consideration for all businesses, becoming Cyber Essentials Certified will also open up opportunities for firms that want to bid for certain contracts and need the certification to proceed. ................................................................................................................................. For further information contact: George Ogbebor Greenwich Communication Services (UK) Ltd Tel: 02030040875 GCS is an IT Services Company focused on helping SMEs to improve their business performance through the effective use of IT and the Web. GCS is an accredited Cyber Essentials Service Partner specialising in supporting businesses to achieve their Cyber Essentials Certification. We equip local businesses with the information and knowledge they need to protect themselves online and will continue to work closely with the Federation of Small Businesses, MOPAC and information security professionals to push this agenda forward.