IT Governance is urging SMEs to be proactive and comply with the Cyber Essentials scheme in order to ensure at least a minimum level of security.

ELY, CAMBRIDGESHIRE, UNITED KINGDOM, September 22, 2014 /EINPresswire.com/ -- IT Governance, the fast-growing cyber security services provider and CREST-accredited certification body for the UK Government’s Cyber Essentials scheme, is urging SMEs to be proactive and comply with the Cyber Essentials scheme in order to ensure at least a minimum level of security.

The 2014 Information Security Survey revealed that 60% of SMEs suffered a security breach in 2013. Strikingly, the National Cyber Security Alliance estimated that 60% of small organisations close down within six months after suffering a data breach.

The Cyber Essentials scheme was officially launched on 5 June 2014 by the UK Government. It defines a specific set of controls – manageable within all types and sizes of organisations – to provide basic cyber security. Although the scheme is not nearly as comprehensive as a management system standard like ISO27001, it provides a starting point for many organisations that have no defined level of security.

Alan Calder, founder and executive chairman of IT Governance was quoted by SC magazine saying, “Yes, it is a low bar, but it's surprising how many responsible, well-structured companies don't always absolutely meet the requirements. There are known standard weaknesses and this scheme is forcing SMEs in particular to raise their bar from zero level, to one, so it's a good first step.”

The Cyber Essentials scheme applies to large organisations as well. Blue chip companies like Barclays and Vodafone were amongst the first organisations to achieve Cyber Essentials Plus certification.

Quoted by SC magazine, Calder says, “Unlike ISO27001, which organisations can tailor to their own appetite for risk and so have different implementations, CE is implemented to the same minimum level for everyone which adds to its robustness. To an extent we do tailor how it is undertaken, but the external tests are the same for a large or small organisation; the complexity is not in the test but in the testing environments, including in sensitive areas.”

From an end-user perspective, Vodafone’s head of technology security, Howard Pinto added, “We see tremendous value in this as it cements our position as a qualified supplier and advertises to our customers that we take their data protection seriously.”

From 1 October 2014, the UK Government will require suppliers from specific industries (including banking) that bid for certain contracts assessed as higher risk, or which require the handling of sensitive and personal information, to be Cyber Essentials certified.

IT Governance offers three ‘all-in’ packaged solutions for certification to Cyber Essentials and Cyber Essentials Plus. Each solution is a combination of products and services in a fixed-price, fit-for-use package sure to meet any organisation’s preferences for tackling compliance projects. Each of the three packaged solutions is available at a transparent price that enables every organisation to know exactly what their chosen journey to Cyber Essentials certification will cost them.

The all-in, Cyber Essentials ‘Do it yourself’, ‘Get a little help’ and ‘Get a lot of help’ can be ordered online at www.itgovernance.co.uk/solutions-for-ces-certification.aspx.

Alternatively, organisations can call +44 (0)845 070 1750 or send an email to request a custom quote

Desislava Aleksandrova
IT Governance Ltd
00448450701750
email us here