Do You Know About Cyber Essentials?
A critical element to the longevity and survival of any business is that they adopt an all-encompassing cyber security and disaster recovery strategy. Advancements in technology mean that the world is becoming more digitised and, as this trend grows, cyber-crime grows alongside it. From customer service to communication and accounting, there’s a heavy reliance on technology for the majority of enterprise operations. From hosted desktops to cloud backup and virtualisation, software and computing has become integral for every business. But as companies have become more savvy, so have the cyber-criminals looking for vulnerabilities – there have been instances where sophisticated hackers have been able to orchestrate attacks without disrupting a business’s day-to-day operations.
When IT managers, business owners, MDs and CEOs embark on cyber-security awareness training and sign-up to Cyber Essentials, their employees are brought up to speed on their IT security procedures, best practices and policies. They can then pass this training on to their employees, making sure that their colleagues are not only aware of these policies but can understand and follow best practices.
What is Cyber Essentials?
Cyber Essentials is a UK Government accreditation that’s operated by the National Cyber Security Centre (NCSC). This information assurance scheme encourages SMEs and organisations to assume good practice in information and cyber security. There are two forms of Cyber Essentials: the initial Cyber Essentials accredited through the completion of a self-assessment form, and the more advanced Cyber Essentials Plus.
Both forms consist of understanding and meeting five key cyber security controls. However, while Cyber Essentials is achieved through the completion of a self assessment questionnaire, Cyber Essentials Plus involves being examined by an external, certified body on your premises. Due to this, Cyber Essentials Plus is particularly designed for those organisations with a more complex IT infrastructure.
Why is Cyber Essentials important?
No cyber security strategy will protect you 100% against a cyber-attack, but you can certainly put procedures in place to minimise the risk of one, and this is what the Cyber Essentials scheme aims to do. The accreditation has a tough base that helps to reduce the risk of these ever-growing cyber-attacks.
A ransomware attack or serious data breach could have a detrimental impact on a company. From financial devastation to destroying their reputation, the effects of an attack shouldn’t ever be underestimated. When a business signs up to the Cyber Essentials scheme, they’re required to self-assess their security against an assessor company’s questionnaire. Once they’ve completed the assessment, it’s then verified and signed off by a senior executive. Every aspect of the company’s security policies will be scrutinised, uncovering weaknesses that will then get your employees thinking about cyber security.
What’s worrying is that a staggering number of UK businesses are unaware of the Government-backed accreditation. According to a recent survey from CyberGuard, almost one in five IT managers reported that they were unaware of how Cyber Essentials compliance could help their business, with 10% unsure of whether their company even had the certificate.
Your Employees Pose the Biggest Threat
But why should this be a concern? According to the Government’s Cyber Security Breaches Survey 2018, 43% of businesses experienced cyber security breaches or attacks over the last 12 months, and of those businesses, 56% held personal data on customers in the cloud. Alongside this, 90% of cyber-crime stems from human error, which means uneducated employees pose a huge risk to the security of your business.
When there are schemes and methods out there to help prevent a data breach or attack, it is inexcusable for CEOs, MDs, IT Managers and Owners to claim ignorance in the world of cyber security.
To put this in perspective, more than 281 billion consumer and business emails were sent per day in 2018, and this number is expected to rise to 333 billion by 2022. Alongside this, it’s thought that 156 million phishing emails are sent every day, and of those, 16 million will manage to surpass filters. Of the 10% that make it through the spam filters, half of them will be opened, and 10% of those click on phishing links. While only 10% of phishing emails make it through, unsuspecting victims are still opening these emails and clicking through, which means that malware is being downloaded onto business networks and infiltrating sensitive customer data. This begs the question - can a company really afford to go without a Cyber Essentials Accreditation?
What’s Stopping Businesses Become Cyber Aware?
Educating employees and understanding risk is crucial for businesses wanting to protect themselves against data breaches and cyber-crime, so what’s stopping decision makers from getting a Cyber Essentials Accreditation? According to the survey, 67% of IT managers said that a lack of understanding of what this government-backed scheme was had stopped them applying. Alongside this, 29% said that they didn’t think it was important for their cyber security strategy, and 42% cited a lack of funds as the reason.
While there’s clearly ignorance surrounding cyber security awareness, 81% of the businesses surveyed said that they were Cyber Essentials certified, and 69% reported that they understood the benefits of being so. Meanwhile, 84% said that having the accreditation helped them win more businesses.
The benefits of Cyber Essentials Accreditation
There’s no denying that there’s a clear case for IT decision makers to ensure that their business is Cyber Essentials certified. From helping you become GDPR compliant to reaffirming trust with your clients and customers, to scoring new business deals, the benefits of obtaining Cyber Essentials accreditation far outweigh the financial cost of it.
Upgrading to Cyber Essentials Plus brings additional benefits. While Cyber Essentials shows your customers that you take cyber security seriously, Cyber Essentials Plus gives further validation to this, demonstrating that you can adhere to the requirements in practice and have the necessary measures in place. As this is verified by a third party, this shows that your organisation has an even higher commitment to security.
Paul Colwell, Chief Technology Officer at CyberGuard states, “Here at CyberGuard, we encourage companies to become Cyber Essentials certified since it can help protect against most common cyber-attacks. In 2019, it should be paramount that businesses who rely on technology protect customer and employee information - as well as their own. Becoming Cyber Essentials certified is a great start to implementing strong and secure cyber security practices.”
Get in touch with OGL and find out more about becoming Cyber Essentials certified today.

Learn more about managing cyber threats
Protect your business from attack with CyberGuard









Managed Firewall
Our managed firewall service not only monitors and maintains your firewall to make sure it is up-to-date with the latest security patches, but it also provides detailed analysis of user and traffic behaviour.
Find out more >>
Next-Generation Anti-Virus
Advanced-level threat protection service that protects user endpoints by not only looking for known viruses and malware, but also inspects files and identifies threats by analysing previous user's behaviour.
Find out more >>
Penetration Testing
Our experts will attempt to penetrate your network by safely exploiting any vulnerabilities found. We’ll simulate a cyber-attack without the malicious intent in order to find out how your staff will react to a live attack and highlight your security flaws.
Find out more >>
Vulnerability Testing
The first step in understanding what an attacker or employee can pose to your network or data. After testing we’ll produce a vulnerability report which will pinpoint your existing weaknesses and categorise them with critical, high, medium and low risk ratings.
Find out more >>
Anti-Virus Protection
We are only one of only few businesses within the UK to be a Tier 1 Partner. This prestigious accreditation ensures we offer a secure anti-virus solution to help protect your network from viruses and worms.
Find out more >>
Firewall Security
Our Firewall Security will help protect your business by blocking unwanted traffic, whether it be protection from emails with very large file sizes or executable files which autorun.
Find out more >>
Multi-Factor Authentication
Simply adding a third layer of security when signing in can help to drastically reduce unauthorised users gaining access to your sensitive data.
Find out more >>
Web & Email Security
Pass responsibility for your web and email security so we can scan your emails for viruses, phishing threats, content violations and spam. All by using real-time inspection methods, saving you time and increasing your productivity.
Find out more >>Speak to our experts
Looking for smarter and more secure ways to work? Book a free online, or on-site, consultation with our team of specialists to discuss your business goals and objectives. Call us on 0203 988 6699 (London office) / 01299 873800 (Midlands office), or request a call back below.