11 Jul 2016

10 Reasons why you need to protect your business from cyber threats


The Cyber Security Landscape

Businesses have always relied on data to provide insight into the customers they serve and the markets in which they operate.  Advances in technology have made it possible for companies to hold terabytes upon terabytes of data, which can be harnessed to provide great customer service; however if it falls into the wrong hands it can be extremely dangerous.


Knowledge is Power

The phrase ‘knowledge is power’ has never rang as true as it does in today’s data rich marketplace, and as a result cyber security is becoming an increasingly important facet of businesses. 2015 was an extremely bleak year for cyber security, with high-profile security breaches such as JD Wetherspoon, Ashley Madison and TalkTalk putting cyber security firmly under the microscope.

Being Cyber Essentials certified is now a mandatory requirement for companies in certain sectors wishing to do business with the Government.  The Government has recognised the need for a fundamental change in the way companies manage and protect their data to avoid similar breaches in the future.

Cyber Essentials

Cyber Essentials is a Government backed initiative designed to provide businesses with a set of measures to help businesses get a handle on the common forms of cyber attacks that they may be exposed to. Cyber Essentials provides businesses with a set of proactive measures that can be taken to significantly reduce their vulnerability. This article will take you through the ten main reasons to protect your business from cyber threats with Cyber Essentials certification.

1. It is now a mandatory requirement for companies bidding for certain government contracts

If your company is in the ICT sector and/or deals with sensitive information, the Cyber Essentials certification is now a mandatory requirement, and makes up part of the PQQ (pre-qualification questionnaire) for the contracts in question.

2. It shows that you take your customer’s data seriously

As we mentioned before, due to certain high-profile security breaches, cyber security is now seen as an important facet of business by many companies, especially those dealing with sensitive information. Protecting your business from common threats will not only keep your data secure, it will illustrate to potential customers and suppliers that you see the value in it.

3. It allows you to  reduce insurance premiums

The Cyber Essentials certification is an indicator of a forward thinking and mature approach to cyber security in the eyes of many insurance firms. According to the Cyber Security Insurance report, the Cyber Essentials certification reduces risk which will have a positive impact on your insurance premiums.

4. It differentiates you from your competitors

In today’s business environment it is extremely difficult for companies to find new and innovative ways to stand out from the crowd. Cyber Essentials provides this innovative distinction  and helps business build a positive reputation through cyber credibility.

5. It lessens chances of a security breach

The Information Security Breaches Survey (2015) found that 90% of large businesses and 74% of SMEs experienced a security breach in 2015. The survey also highlighted that the average cost of a cyber security breach for an SME has increased from between £65k and £115k in 2014, to between £75k and £311k in 2015. These statistics show the value of pre-empting cyber breaches. The cyber essentials certification requires minimal investment and could potentially save you a six figure sum.

6. Hackers target SMEs

Most companies retain transaction details on their servers, which includes sensitive information such as credit card details. The purpose of this is to enhance the ease and speed of use for the user. However, if this data is to be kept safe there need to be stringent cyber protection measures in place. The reason that hackers love SMEs is because of the sheer volume of them who don’t invest in cyber security.

Too often SMEs view cyber security as something only required by organisations such as the Pentagon or the World Bank. This is a dangerous trap to fall into, as hackers feed of this misconception, and use it to target weak links in the supply chain..

7. Lack of knowledge share leaves cyber security skills gaps

The most skilled people in cyber security are usually employed by big companies who are extremely secretive about issues such as cyber security, and for good reason. If the people trying to infiltrate these companies knew the measures that were being taken to prevent them from doing so, it would make getting round them much easier.  There is a severe lack of knowledge share in the cyber security space for this very reason. The Cyber Essentials initiative aims to arm businesses with the tools they need to protect themselves.

8. Hackers Target weak links in the supply chain

Hackers now understand that smaller businesses tend not to have as tight cyber security measures as the large multinationals. If a hacker is targeting a big company, they will initially hit the SMEs in their supply chain in order to obtain valuable information that may help them breach the defences of their target.

9. Inside Jobs

The most costly and damaging cyber attacks tend to be inside jobs, despite this most companies still do not have measures in place to combat this type of attack. On achieving the Cyber Essentials certification, the business will be armed with the knowledge and tools to ensure that their business is protected against both internal and external threats.

10. Cyber security should be no different to bricks and mortar security

When a business moves into an office they want to ensure that their computers, documents, cash and valuables are safe. Each staff member gets a swipe card that provides them with access to the building and monitors their comings and goings. The business would invest in security cameras to monitor the office to ensure that they know what is going on at all times. They would invest in a security alarm so that the police would be notified if anyone entered the building unauthorised. They would get a safe in which to keep cash and important documents.

Almost 100% of companies take these measures to protect their information and valuables when moving into a new office. The information that a company holds on their servers about customers and suppliers is just as valuable, so companies need to start putting as much effort into safeguarding this as they do into protecting their tangible assets.

DCI Cyber Essentials Certification

DCI Cyber Essentials accreditation is a straightforward process which provides your business with the tools and knowledge required to protect your data against the threats that you are exposed to on a day to day basis.

If you think that your business could benefit from being Cyber Essentials certified, click here.