Cyber Essentials: Why no one can afford to be blasé about cyber security
Cyber security is something no organisation can afford to get blasé about. Malware is spreading and evolving on an almost-daily basis, and barely a month goes by without hearing about another cyber-attack striking in the UK.
We've had customers that have been affected by the particularly nasty CryptoLocker virus quite recently, which is a constant reminder not to get complacent. These weren't companies that didn't have security measures in place – in fact, they have very good, well-managed processes – but all it takes is one infected email attachment and you've got a disaster on your hands.
We can't stress enough how important it is to communicate risks throughout the whole company, from the top down; knowing what to look out for is half your battle. Also, if disaster does strike, knowing what to do and who to call will make your recovery process that much quicker. Ransomware can be a fatal blow to an organisation, but it really doesn't have to be.
If you've backed up your files to a cloud provider, a copy of your entire environment is stored offsite – unaffected by the malware and the huge ransom you're inevitably faced with. You can restore your unharmed files within minutes, usually without most of the organisation even realising.
There are a lot of security measures and certifications designed to ensure data protection, such as the ISO/IEC 27000 series, but a new scheme focusing primarily on cyber security has just been launched. The Cyber Essentials Scheme offers guidance and assistance to organisations taking their first steps towards cyber security, and is focused around a set of five controls derived from Government analysis of the most common attacks and vulnerabilities.
We think it's fantastic that there is this kind of specialised guidance available now. Good security practices don't have to be complicated to be effective. Giving small and medium businesses clear guidance and simple, practical advice will bring more robust security practices to the front and centre in the industry.
We're delighted to be announced as one of the first organisations in the UK to become certified onto the initiative.