Why Your Suppliers Are Asking You To Get Cyber Essentials

Written by Sam Jones
Feb 14, 2020 - 3 minute read

Have you recently had your suppliers ask you to get certified for Cyber Essentials? Here's what you need to know and do to be able to get certified...

New call-to-action

I know how confusing it can be when you've got a great relationship with your suppliers and then out of the blue, you're being told you need to get something you've never heard of before.

You're sat there saying things like...

"Cyber Essentials? What is that? I've never heard of that before!"

However, there is s a reason why your suppliers are asking for this, they wouldn't be saying it if they didn't truly believe it's a crucial requirement for your relationship.

Anyway, let's first get our heads around what Cyber Essentials is...

What is Cyber Essentials?

Cyber Essentials is a cyber security certification designed to protect your organisation against common cyber threats. It is the only UK government-backed cyber security certification.

Cyber Essentials requires you to implement five technical controls to be able to reduce the risk of breach by 80%. You can read more about what Cyber Essentials is by clicking here.

Another key point is that Cyber Essentials is that there is two different types of certifications available, Cyber Essentials and Cyber Essentials Plus.

Cyber Essentials is a basic certification, it is a self-certification that anyone can do very easily and because of this, it's not valued as highly as Cyber Essentials Plus.

Cyber Essentials Plus requires an external certifying body to assess your infrastructure and this is ideally what your suppliers hope you will opt for. Cyber Essentials Plus shows you're taking data protection seriously.

There are many benefits of Cyber Essentials Plus which you can read all about here.

So why do my suppliers want us to get certified for Cyber Essentials Plus?

Your suppliers want to make sure their supply chain is safe.

They know if any business they work with isn't taking the necessary precautions with cyber security, they could have a third party backdoor breach in their organisation.

Obviously, they don't want this to happen so they're asking all of their clients to get certified and this works for everyone because now everyone in the supply chain has significantly reduced the risk of breach.

It's also important to remember that with Cyber Essentials Plus certification, you're avoiding fines of up to 4% of your global turnover because you can prove to the Information Commissioner's Officer that you've done everything in your power to protect client data.

As much as you're protecting your supplier, you're just as much protecting your business.

Did you know if you were breached you'd have to notify your clients about the breach within 72 hours?

It's not a surprise that many businesses struggle to recover from that, your reputation would take a huge hit.

The worst part?

It was very, very avoidable to begin with.

So here's what you should do:

First things first, educate yourself on Cyber Essentials. There's so much you'd want to delve into such as how to get free cyber insurance with Cyber Essentials or how to attain Government contracts.

You can find out everything you'd ever need on Cyber Essentials in the Ultimate Guide to Cyber Essentials.

Once you're aware and educated on Cyber Essentials, you can pursue certification but you'll need to do this with a Certification Body such as Cyber Tec Security.

 

Want to find out how to protect your supply chain with Cyber Essentials? 

 

supply chain-min-min

 

 

 

 

Topics: IT, Cyber Attack, MSSP, Cyber Security, Data, Supply Chain

author

More by Sam Jones

Related articles
Why Your Size Does Matter: Hacking Myths That Put SMEs at Risk"

Think your SME is too small to be hacked? Discover why size does matter when it comes to cyber threats and how to protect your business from Hacking.

Monthly Cyber Compliance: The Hackers’ Worst Nightmare!

Stay ahead of cyber threats with monthly vulnerability assessments and penetration testing to identify and fix weaknesses, ensuring a robust and secure network.

Why Stick to Annual Penetration Tests When Hackers Attack Year-Round?

Explore the crucial benefits of switching from annual to monthly penetration testing and vulnerability analysis for UK businesses. Learn how Managed Service Providers (MSPs) can effectively use monthly cyber vigilance to thwart hackers and enhance cybersecurity.