Large cyber-attacks are in the news all the time, with cyber criminals worryingly targeting banks, the NHS, large businesses and recently the emails of Government ministers. It’s easy to understand the value of the information these criminals might be able to extract from attacking such high profile targets, and as a result we perhaps come to associate cyber-attacks with being only directed at larger, public organisations. This is a major error: all businesses have something worth stealing, and as such cyber criminals target any organisation which isn’t properly protected, even small businesses.
Cyber Essentials is a scheme designed by the Government to help small companies protect themselves. It aims to teach them how to address the basic weaknesses that small companies are most likely to possess, and prevent the most common attacks.
For businesses, the aim behind attaining a Cyber Essentials badge is to protect themselves against common cyber threats and show customers they take the security issue seriously.
In addition, since 2014 Cyber Essentials has been mandatory for suppliers of Government contracts which involve handling personal information and providing certain IT products and services. Holding a Cyber Essentials badge enables a company to bid for these contracts. It also allows them to advertise that they meet a Government-endorsed standard, which understandably can provide a boost to the reputation and success of the company.
To get a greater understanding of what Cyber Essentials is like as an experience and the reasons for undertaking it, we spoke to someone who has been through it. David Shuster is the Managing Director of Managed IT Experts, an IT Solutions company who have been based in Fife since they started in 2005. They service clients in Dunfermline and across the central belt. They aim to take a proactive approach to their services, with their stand-out point being that rather than simply letting client’s IT break and then going in and fixing it; they become a client’s IT partner, working with them to act before problems affect productivity and assess how IT can get them where they want to go.
They went through the scheme via CyberAggress, an interesting organisation offering Cyber Essentials as one of their services. They will be featured in another CC article later this week and also offer a great perspective of cyber security in small companies.
In terms of Managed IT Experts and their experience, though, the discussion with David Shuster pulled out some excellent insights into the process and the reasoning behind why he felt it was necessary for his company to go through Cyber Essentials. He made a particularly interesting point about how he feels it shows his company to be taking a lead in all things cyber security.
Hi, David. What were the motivations for Managed IT Experts to go through the Cyber Essentials scheme?
We are a Managed Services Provider and it is important for us to practice what we preach to our clients. That’s why we took the lead to go for the Cyber Essentials Plus and hopefully to show the way to other small businesses. Also, as a small business owner I wanted to make sure that we are as cyber secure as we can practically be and that I can focus on developing my businesses rather than having to worry about any potential security breaches.
Why did Managed IT Experts choose CyberAggress to complete the Cyber Essentials scheme with?
I checked David’s background and I was happy with his prior experience and track record. During the initial meeting he came across as a straight talking guy who knows his stuff, and he proved it by delivering an excellent service to us.
How important do you feel it is for IT support companies like yourself to go through the Cyber Essentials scheme?
It is critical. Not only that we should take all the measures possible to protect our client data and networks that we have access to for remote access, but we should be leaders in the SME market. If IT Support companies are not secure then how can you expect an average SME to take security seriously?
What were the key benefits of working with CyberAggress?
High standards, good communication, good value for money.
What form did the scheme take and how exactly did CyberAggress guide you through the process?
It was a fairly straightforward process but at the same time strict enough to make sure that the right level of security is in place. After going through the process and now that we are officially certified, I must say it is not just a nice badge to put on our website. We truly have increased our cyber security even further and it was very practical and beneficial to the business.