Cyber Chat Episode 15 – What is Cyber Essentials?

In episode 15 of Cyber Chat, Rob May talks about Cyber Essentials, what it is, why organisations benefit from doing it and how ramsac can help you get certified for Cyber Essentials.

Managing the ongoing cybersecurity of your IT infrastructure should be a primary concern – whatever the shape or size of your organisation. Cybersecurity breaches are the number one threat in today’s business landscape. Incidents come in many forms: cyber attacks; laptops left on trains; malicious staff; or, even more simply, accidental data loss caused by human error. The human firewall is vital as a line of defence for any organisation and in this video Rob, author of The Human Firewall (available on Amazon) explains what the Human Firewall is.

Find out more about ramsac’s cybersecurity services

Cyber Chat – Episode 15 – video transcript

Hi, I’m Rob May, I’m MD of ramsac and welcome to Cyber Chat. Today, I want to talk to you about Cyber Essentials. Cyber Essentials is a certificate that shows that you take cybersecurity and the protection of your data seriously. I often describe this as being like an MOT certificate. So, you know if I drive a BMW and you drive a Porsche, if our cars need an MOT, it doesn’t matter that we drive different cars. It doesn’t matter that we are being looked after by a different garage. We take our car in, and an MOT is a certificate that says that your vehicle is road legal and it’s road safe. And Cyber Essentials is just like that.

So, there are 5 pillars to Cyber Essentials and basically what you’re doing is you’re having somebody independent come in and check that you meet those standards and then you get your certificate and it shows people that you’ve taken it seriously. Now, to me, there’s a number of reasons why you should do Cyber Essentials.

Firstly, I believe it’s cost neutral. So, if you’ve got Cyber Essentials, then your business insurance is going to be cheaper. If you tender, if you do tenders for public sector work, most public sector tenders, now insist on you, having Cyber Essentials or something higher. So, ISO 27001 would be a higher standard and that would out trump Cyber Essentials. But public sector tender documents now insist that you have at least Cyber Essentials. I think, the other thing is having it and going through the rigor of making sure that everything is right, just makes you more efficient, it makes your IT work better.

I think the most important thing is, it’s a stamp that you can use. On your corporate documentation, on your email footers and so on. That shows the outside world that you take the protection of your clients data seriously. So, it’s a standard that’s very clear to understand. You know, if you’ve got an IT Department they can go online and they can look at what’s going to be assessed and they can do a lot of the work themselves to get ready, Or you use someone like ramsac to come in and in effect do a service in the same way, to continue the car MOT analogy before you have your car MOT’d you put it in for a service. It’s the same with Cyber Essentials, so ramsac can come in. They can do the service that tests everything that will get tested when we do the Cyber Essentials certification, just to make sure you’re going to pass. There’s normally some remedial work that needs to be done a lot of it is just process, quite often it’s not cost based stuff. It’s just things that you will not doing to best practice. And then you get your certificates. So, Cyber Essentials, really do recommend it to you.

I hope that’s been useful and I look forward to talking to you again soon. Thank you.