FEATURE
Show clients you value security with Cyber Essentials Plus
Matt Rhodes
Businesses are seeking government-approved Cyber Essentials Plus badges to prove they are proficient in dealing with cyber-attacks, as criminals become more sophisticated in their efforts to breach company systems. In the past 12 months, 875,000 small and medium-sized businesses have been targeted by cyber-criminals, costing a fifth of affected organisations over £10,000 in damages.
It is no longer enough for organisations to simply claim they have strong cyber security; instead, potential clients and partners are demanding they prove it, according to Quiss Technology Commercial Services Manager, Matt Rhodes.
“When making decisions about what suppliers to choose, clients are adopting stricter vetting processes and actively seeking evidence that an organisation’s security standards are up to scratch.
“This is why all businesses should be striving to achieve the Cyber Essentials Plus certification, as it not only guarantees your own safety, but also reassures clients who deem cyber security a top priority.
A seal of approval
“There are currently two different certifications available to businesses – the standard Cyber Essentials and the Cyber Essentials Plus.
“Cyber Essentials represents the most basic level of cyber security, requiring organisations to complete a short questionnaire regarding their current security status, before being reviewed by a separate, recognised body.
“The organisation will typically undergo an external vulnerability assessment from a certifying body, which directly tests that individual controls on the internet facing network perimeter have been implemented correctly.
“However, this only tests your security controls’ capability when dealing with smaller, simpler threats, and does not monitor its ability to withstand more complicated and persistent attacks.
“Cyber Essentials Plus, however, requires an organisation to undergo a much more thorough assessment, which is based on internal security assessments of end-user devices.
“Using a range of specialist tools and techniques, the Cyber Essentials Plus assessment recreates various attack scenarios to assess how your system deals with real threats – ensuring all security controls are installed and implemented correctly.
“The Cyber Essentials Plus certification requires your organisation to have five technical controls in place, including:
• Boundary firewalls – these devices are designed to prevent unauthorised access to or from private networks, but require good setup to achieve maximum effectiveness;
• Secure configuration – ensuring systems are configured securely to suit the requirements of an organisation;
• Access control – only allowing those with authority to have access to systems;
• Malware protection – ensuring the most up to date virus and malware protection has been installed;
• Patch management – ensuring the latest supported version of applications is used and all the necessary patches have been applied.
“Only once a company successfully passes these tests can they be awarded the badge, which can then be displayed on an organisation’s website, showing customers that they value cyber security and can effectively deal with any incoming attacks.
Staying vigilant – remaining protected
“For businesses who are serious about achieving strong cyber security, Cyber Essentials Plus is the only option worth considering.
“The Cyber Essentials Plus scheme provides a well-defined standard that is suitable for organisations across all sectors, including charities, schools, universities and local authorities.
“The basic Cyber Essentials certification should only be a starting point in your efforts to strengthen your company’s cyber security – the extra checks involved with Cyber Essentials Plus make it the best choice, especially with GDPR coming into effect next May.
“These new data protection laws mean it has never been more important to ensure your sensitive information is properly safeguarded, as any potential breach will naturally attract attention from media and clients alike.”
Cyber Essentials Plus and the procurement process
“Since 2014, Cyber Essentials Plus has been a mandatory requirement when applying for government contracts, and it looks as though we are transitioning to a point where businesses must hold a badge to be considered for most public-sector work.