Cyber Essentials is a certification designed to ensure a network security level to help firms avoid a security breach GDPR has caused most companies to prioritise data security. Larger firms have decided that they need to have greater confidence in their supply chain. Companies are removing suppliers without Cybersecurity certification from their supplier lists, including companies with long-standing business relationships.
Two levels of certification
The basic tier is mostly self-certification and requires companies to implement security systems but might include an external network scan. Cyber Essentials Plus compliance will consist of internal and external network scans by the certification body and requires an auditor who will attend your premises to ensure compliance.
Each business needs to decide what level of certification it needs. The tier 1 accreditation will be considerably easier to obtain, cheaper, and less disruptive. Atomik.biz recommends getting the lower certification first and then working towards Cyber Essentials Plus the following year if required. Both certification levels require annual renewal, but renewal will usually be simple unless there have been many changes.
Another potential benefit of security certification is getting insurance against cyber risks and reduced insurance costs.
Visit the QG Cyber Essentials Register to check if a supplier is certified. Check the official Cyber Essentials website but remember new certifications can take up to six weeks to appear on the register.
Many small businesses will already have many of the requirements in place but will fall short in various details. Atomik.biz will help you through the process and ensure compliance with all the requirements and deal with all the paperwork.
To get Cyber Essentials certified
Telephone: 01525 540041 or 020 33271747