The new GDPR regulations have caused most companies to prioritise data security. Larger firms have decided that they need to have confidence in their supply chain which is often smaller firms.
Some companies without Cyber Essentials certification are no longer considered for new contracts. This even includes companies with long-standing business relationships.
There are two levels of certification. The basic level is mostly self-certification but might include an external network scan. A Certification body verifies Cyber Essentials Plus compliance and will consist of internal and external network scans. Obtaining Cyber Essentials Plus means paying a day rate for the auditor who will attend your premises, and that is likely to cost circa £1500, depending on certification body and consultant costs. Each business will have to evaluate what level of certification is required. Cyber Essentials will be considerably easier to obtain, cheaper and let disruptive.
Atomik.biz recommends obtaining the lower certification first and then working towards Cyber Essentials Plus the following year. Certification has to be renewed each year.
Another potential benefit of having security certification is reduced insurance costs and being able to get insurance against cyber risks.
Many small businesses will already have many of the requirements in place but will fall short in various details. These will need addressing before applying.
Atomik.biz can help you through the process and ensure compliance and deal with all the paperwork.
To get Cyber Essentials certified
Please use the Contact us page or call Atomik.biz on 01525540041 or 02033271747