Exist Insight ISSUE 06

Government’s minimum level of cyber security accreditation is yet to be achieved by bulk of South West’s large businesses

  • Government’s minimum level of cyber security accreditation is yet to be achieved by bulk of South West’s large businesses image 1

Added: 07 March 2018

New research* from the region’s leading cyber security compliance specialist, Exeter-based Securious, has revealed that fewer than 5% of the region’s largest businesses are yet to achieve Cyber Essentials, the minimum level of cyber security compliance set out by the Government.

Created to help businesses demonstrate that they have technical and organisational controls in place to defend against the most common and unsophisticated forms of cyber-attack, Cyber Essentials also helps businesses meet their GDPR requirements. 

It enables businesses to demonstrate that they have frameworks in place to protect the integrity and confidentiality of data through use of appropriate security and protocols for processing data.

Securious, which became the first company in the South West to qualify as a certification body for the Government’s Cyber Essentials programme, believes that companies without Cyber Essentials or higher levels of accreditation, run the risk of becoming uncompetitive as well as possible victims of cyber crime. 

Pete Woodward, founder of Securious, commented: “Our research shows that out of the region’s top 150 companies, fewer than 5% have adopted the Government’s Cyber Essentials accreditation process. 

“Cyber security certification is required by an increasing number of Government departments, local authorities, large companies and organisations.   Businesses failing to adopt compliance, be that through the adoption of Cyber Essentials or ISO 27001:2013, are therefore putting themselves at a significant commercial disadvantage.  They also run the risk of attacks from viruses such as WannaCry and the ransomware virus, Petya, which had disastrous implications for companies across Europe, the Middle East and the US, only last year.

“With new regulations coming into effect on the 25th May 2018 - whereby breaches have to be reported in under 72 hours, and fines of up to 20 million euros (or 4% of the total annual turnover of the preceding year) can be levied if a data subject’s rights are breached - cyber security has never been more relevant.  We hope that this will be the catalyst that encourages businesses in the region to step up to the mark and prove that they are ready for GDPR, by adopting a recognised and respected cyber security accreditation process.”

Despite the low level of compliance by many of the South West’s largest businesses, Securious has seen the number of businesses achieving Cyber Essentials with them rise by 200% between 2016 to 2017. 

Pete Woodward commented: “We’re seeing growing numbers of businesses taking cyber security seriously.  GDPR has undoubtedly focussed minds, but this shouldn’t be a simple box ticking exercise.  Businesses need to be aware of how damaging a data breach can be, not only for their customers, but also for the integrity and long-term commercial viability of any business that fails to put proper cyber security and data protection in place.

“It’s a matter that affects businesses of all sizes.   It’s a continuous process that requires constant vigilance and regular reassessment.

“Under the GDPR regulations – which have been put in place to protect Personal Identifiable Information (PII), granting individuals’ rights over how their data is collected, stored and processed – businesses not only have to comply with GDPR, but they must be able to demonstrate continuous compliance; Cyber Essentials helps to deliver exactly that.” 

Cyber Essentials provides an entry level of accreditation that enables business to be sure that they have a base level of security in place to defend against up to 80% of common internet attacks.  It helps businesses meet GDPR Principle 6; integrity and confidentiality, ensuring appropriate security, and article 32; security of processing.

Cyber Essentials Plus takes this up a level, giving businesses assurance that they have cyber security controls in place to protect themselves against the most common internet-based cyber threats.  Critically, it includes internal and external vulnerability scans helping businesses to protect themselves against the latest threats, and to remain compliant.

Businesses that achieve this level of accreditation not only improve their cyber security resilience, but are able to openly show clients, prospects and partners that they have suitable measures in place that are also recognised and rewarded by the insurance industry through preferential premiums.

Smaller businesses are recommended to comply with QG GDPR Fundamentals, a foundation level GDPR Management System, which has 17 requirements including a data protection policy, objectives, consent, collection, processing, and safeguarding of personal data, subject requests for access, data portability, restrict processing, erasure and use of profiling, training and awareness, complaints and management review and audits.

Businesses interested in the Government’s Cyber Essentials programme can contact Securious for details of the accreditation process.  www.securious.co.uk / 01392 247110.

More news

  1. Digital currencies, blockchain and crypto currencies explained at summer event

    Digital currencies, blockchain and crypto currencies explained at summer event

    On Thursday 19th July, the Exeter Initiative for Science and Technology (ExIST) is hosting an event to discuss the evolution of digital currencies.

    Read article

  2. City Science, Exeter University and Hoare Lea join forces to revolutionise transport planning and building energy management using Data Science and Artificial Intelligence

    City Science, Exeter University and Hoare Lea join forces to revolutionise transport planning and building energy management using Data Science and Artificial Intelligence

        City Science are leading a £1m project to deliver digital twin technology that will seamlessly manage complex operations around congested transport networks and building energy management.

    Read article

  3. South West Institute of Technology plan reaches funding bid final

    South West Institute of Technology plan reaches funding bid final

      A multimillion pound bid to revolutionise digital technology education across the South West has reached the final phase of competition.

    Read article

  4. National Gigabit Broadband Voucher Scheme

    National Gigabit Broadband Voucher Scheme

        The Department for Digital, Culture, Media and Sport has announced a national Gigabit Broadband Voucher Scheme.

    Read article

  5. University and NHS team up to launch pioneering Academy of Nursing

    University and NHS team up to launch pioneering Academy of Nursing

      A new Academy of Nursing will combine academic rigour with NHS expertise to raise standards of care.

    Read article

  6. UK tech continues to expand at faster rate than wider economy according to Tech Nation Report 2018

    UK tech continues to expand at faster rate than wider economy according to Tech Nation Report 2018

        Tech Nation (formerly Tech City UK) have released their comprehensive annual report on the state of UK tech.

    Read article

  7. Global automotive technology firm chooses Exeter Science Park to grow

    Global automotive technology firm chooses Exeter Science Park to grow

        Global software as a service developer, Eight Technology (with its Dealerweb Showroom and React platforms) is the first company to have signed to move into the ‘grow-on’ buildings at Exeter Science Park to accommodate its expanding team.

    Read article

  8. World-class professor takes lead role at Medical School

        A world-leading expert in the economics of health is joining the University of Exeter Medical School’s senior team.

    Read article

  9. Helium detected in Exoplanet atmosphere for the first time

    Helium detected in Exoplanet atmosphere for the first time

          Astronomers have detected helium in the atmosphere of a planet that orbits a star far beyond our solar system for the very first time.

    Read article

For older news articles please click here to view our news archive.