1 in 5 businesses unaware of the benefits of Cyber Essentials accreditation
A recent independent study has highlighted that a worrying number of UK businesses still aren’t aware of the benefits of the Government-backed Cyber Essentials scheme. Almost 1 in 5 IT managers reported that they were unaware of how Cyber Essentials compliance could help their business, with 10% unsure of whether their company even had the certificate.
According to the Government’s Cyber Security Breaches Survey 2018, 43% of businesses have experienced cyber security breaches or attacks over the last 12 months. This is particularly concerning since 56% of businesses hold personal data on customers in the cloud. However, there are methods that can be implemented to reduce the risk of data breaches. One such way is through being Cyber Essentials accredited.
Cyber Essentials is a Government-backed, industry-supported scheme which launched in June 2014. It aims to help all organisations protect themselves against cyber attacks. When an organisation is fully compliant, they will receive a certificate to show stakeholders and customers that they have the necessary safety measures in place to reduce the risk of a cyber attack. Cyber Essentials is a quality standard in many industries, and a necessity for businesses looking to win certain Government contracts.
In the study 251 UK based IT managers were surveyed, ranging from small businesses (20-49 employees) to large companies (750 employees or greater). The survey focussed on whether or not the business had achieved the Cyber Essentials certification.
The results revealed that 19% of IT managers were unaware of the benefits of having a Cyber Essentials certification, with 1 in 10 (10%) unsure of whether or not their business even had the certificate.
Of the businesses without Cyber Essentials accreditation, two thirds (67%) said that a lack of understanding had been the primary barrier to them applying, with 42% citing a lack of funds. Almost a third (29%) suggested that they didn’t consider it important.
In terms of small businesses with between 20 and 49 employees, 33% claimed that they either weren’t Cyber Essentials certified or weren’t sure. This compares to just 6% of larger, enterprise organisations (i.e. those with over 750 employees).
This finding is particularly worrying for both consumer and employee privacy; according to the Cyber Security Breaches Survey 2018, 42% of SMEs had experienced at least one cyber attack in the past year. SMEs are at a higher risk of data breaches when compared to large organisations but are less likely to have Cyber Essentials certification in place.
However, while there continues to be a lack of awareness around cyber security, there are some positives. The vast majority of the businesses surveyed (81%) stated that they were Cyber Essentials certified, with 69% reporting that they understood the benefits of being so.
There is a clear case for being certified. Of those accredited, 84% claimed that it has helped their business to win contracts, with other respondents highlighting the importance of the certificate in reassuring their customers.
William Rendell, Technical Director at Smart Computers commented:
“At Smart, we provide products, services and guidance that will help our customers become Cyber Essentials certified. We offer a free IT company audit that will highlight any areas where there is room for improvement, and provide you with non biased advice to help you make informed decisions. It’s never been more important for businesses who rely on technology, to protect their customer and employee information, in addition to their own. Gaining a Cyber Essentials certificate is a great start to implementing strong and secure cyber security practises.”
Smart Computers are proud to hold the Cyber Essentials Certificate.