In June 2014 the UK government launched a scheme that was to encourage businesses to adhere to best-practice in IT security. Called Cyber Essentials, it started as a requirement for all suppliers to central UK government and had one simple aim: to protect information and data from online threats.
Three years on and more than 6,000 Cyber Essentials certificates have been awarded to businesses, demonstrating their proficiency in boundary firewalls and internet gateways; secure configuration; access control; malware protection and patch management. At NW Security Group, we’re incredibly proud to announce we’ve gone one step further, and are currently the only systems integrator to achieve Cyber Essentials Plus certification. But why?
Securing the supply chain
Where Cyber Essentials relies on organisations to complete a self-assessment, Cyber Essentials Plus tests are carried out by an external certifying body. We sought to achieve this additional industry verification because we are relentlessly dedicated to security and systems hardening. It is vital for us to demonstrate that we understand security best-practice so when we work on a customer’s system, they know we won’t be a vulnerability in their supply chain.
In his recent speech at the Institute of Directors conference, Matt Hancock MP, Minister of State for Digital, said, “The security of our suppliers is as important as our own security – the two are inextricably linked1.” Those words strongly resonated with us. The proliferation of data breaches we read about each day has made it all too clear that a business is only as secure as its weakest link – NW Security would now encourage all companies to assure the security of their supply chains by adopting Cyber Essentials.
This is especially important considering the incoming EU GDPR in May 2018. The new legislation will provide a baseline for the way organisations capture, handle and report on Personally Identifiable Information (PII). Despite the increase in awareness over the last year, it seems almost two thirds of British businesses are still oblivious to the significant fines they could receive for putting data at risk2.
Preparing for EU GDPR
As the use of technology increases within business, more and more data is being processed and stored every day which must be kept out of hackers’ reach. Furthermore, the increase in technology being added to a network, such as CCTV and access control devices, means more endpoints that must be secured. No easy task then.
Our effective action plan will guarantee compliance by May 2018.
NW Security made Cyber Essentials Plus a business priority in 2017, as we want our partners and customers to know how seriously we take security. But we don’t just want to ensure our own security. Our consultants are armed with the latest knowledge and tools to help your business assess its current security policy and procedures. To ensure the security of your supply chain and prepare for GDPR, our effective action plan will guarantee compliance by May 2018. Discover NW Security’s GDPR Organisational Readiness Assessment.