The three major causes of technological damage experienced in business are mistake, malfunction and malice. The first two are concerns for internal management and IT support but when it comes to malicious attacks, either to cause harm or to steal or extort money, there are significant and developing resources available to companies. Cyber attacks take many forms, such as denial-of-service and malware which includes viruses, spyware and ransomware, designed to hold data or systems to ransom. Others range from unsophisticated practices such as phishing – attempting to steal sensitive data under the guise of legitimate email communication – to far more advanced ploys such as man-in-the-middle attacks, where a criminal gains access to an unsecure network, inserting themselves between two parties to a transaction, and SQL injections which force servers to disclose protected information.
Protection from cybercrime is a priority for governments, public bodies and the business community as a whole. The National Cyber Security Centre (NCSC) is an organisation established in 2016 by the UK government under the auspices of GCHQ to take over from the Communications-Electronic Security Group. Like its predecessor, the NCSC is dedicated to supporting and advising public and private sector businesses on best practice in countering cyber threats. The NCSC inherited the government’s Cyber Essentials programme which is a simple but comprehensive and hugely effective scheme that is designed to help bodies and businesses of all types and sizes.
The main achievements of the Cyber Essentials programme
Working with a certified Cyber Essentials consultancy
Gradeon’s experience has confirmed many times over the importance of implementing the strongest cyber protections and keeping them up to date as the ingenuity of determined criminals enables them to devise new ways to breach previously unassailable defences. Obtaining certification under the scheme from the NCSC not only gives you the peace of mind that comes from having the latest safeguards in place, but it also demonstrates to the public, to the markets, to your competitors, your partners and government bodies that your organisation provides a safe trading environment and can be trusted to store and handle sensitive data.
The Cyber Essentials programme offers two levels of certification, the simpler of which is carried out by self-assessment and equips you with the basic protections necessary to deal with the majority of the most common cyber assaults. Apart from the efficacy of the measures themselves, the very fact that you carry the stamp of certification will discourage criminals. The higher level is Cyber Essentials Plus, which covers broadly the same defences but requires third-party technical inspection and verification. Gradeon can offer you all the help you need in obtaining certification, our cyber essentials audit will identify the measures you need to take and the management systems you need to maintain in order to gain for your business all the advantages of state-of-the-art cyber protection, now and in the future.