Nuffield Foundation – Cyber Resilience Certification
The Nuffield Foundation are proud holders of the Silver Standard Cyber Resilience Certification from ramsac, enabling them to assess the Foundation’s Cyber resilience and level of risk of cybercrime.
Who are the Nuffield Foundation?
The Nuffield Foundation funds research, analysis, and student programmes that advance educational opportunity and social well-being across the United Kingdom. The Foundation improves people’s lives, and their ability to participate in society, by understanding the social and economic factors that affect their chances in life. The research the Foundation funds aims to improve the design and operation of social policy, particularly in Education, Welfare, and Justice.
The importance of cyber resilience
Nuffield Foundation chose to benchmark their IT security by undertaking ramsac’s Cyber Resilience Certification in order to improve their cyber resilience and ensure the foundation is protected against cyber crime. Elaine Graham-Leigh, Information Governance and Systems Officer at the Foundation explained why cyber resilience is so important
“We want to know that we’re doing everything we should be doing to keep our systems as secure as reasonably possible. It’s easy to focus on preventing a recurrence of the last issue, but what we need is a way of assessing how we’re doing across our systems and the risks we’re facing, not just the areas in the forefront of our minds. “
What is the Cyber Resilience Certification from ramsac?
Utilising 30 years’ experience in IT, ramsac’s Cyber Resilience Certification is practical strengths based assessment that helps any organisation where they benchmark against IT best practice. By assessing an organisation’s position against the standards, organisations can better understand their cybersecurity risks, strengthen their protection against cybercrime and demonstrate to their customers and stakeholders that they take the protection of data seriously. Organisations can achieve either the Bronze, Silver, or Gold Certification to ensure the maximum protection against cybercrime.
The Certification process
ramsac’s experienced IT security professionals undertook an in-depth audit of the Foundation’s IT estate. The result of the assessment was a detailed report identifying IT and cyber risks, with a practical suggestion of how each finding can be addressed. We were then able to determine what level the Foundation had achieved, they moved straight past Bronze to achieve the Silver Cyber Resilience Certification, a great success for the first assessment. The Silver certification represents great cyber resilience, reflecting practices that protect both end user devices, IT hardware and cloud stored data. Elaine commented on the Certification process.
“We found the process very smooth. The spreadsheets brought together the measures needed and already taken for each level in a way that was easy to understand and explain to senior management. It made it clear to assess our progress at any point and see how far we’d come and how far we had to go.”
The benefits of the Certification
Commenting on the benefits of being Cyber Resilience Certified Elaine said
“It gives us assurance that we’re taking the right steps and a way to demonstrate that to our leadership team, trustees and other stakeholders as required. The documentation brings together all the measures we have in place in a way that will make any future independent audit very much easier if we need one. We don’t have cyber insurance currently, but I expect that if we decided to pursue that, the certification would also be looked on favourably by prospective insurers and give us a useful way of demonstrating our seriousness about cyber security.”
