Why Your Suppliers Are Asking You To Get Cyber Essentials

Written by Sam Jones
Feb 14, 2020 - 3 minute read

Have you recently had your suppliers ask you to get certified for Cyber Essentials? Here's what you need to know and do to be able to get certified...

New call-to-action

I know how confusing it can be when you've got a great relationship with your suppliers and then out of the blue, you're being told you need to get something you've never heard of before.

You're sat there saying things like...

"Cyber Essentials? What is that? I've never heard of that before!"

However, there is s a reason why your suppliers are asking for this, they wouldn't be saying it if they didn't truly believe it's a crucial requirement for your relationship.

Anyway, let's first get our heads around what Cyber Essentials is...

What is Cyber Essentials?

Cyber Essentials is a cyber security certification designed to protect your organisation against common cyber threats. It is the only UK government-backed cyber security certification.

Cyber Essentials requires you to implement five technical controls to be able to reduce the risk of breach by 80%. You can read more about what Cyber Essentials is by clicking here.

Another key point is that Cyber Essentials is that there is two different types of certifications available, Cyber Essentials and Cyber Essentials Plus.

Cyber Essentials is a basic certification, it is a self-certification that anyone can do very easily and because of this, it's not valued as highly as Cyber Essentials Plus.

Cyber Essentials Plus requires an external certifying body to assess your infrastructure and this is ideally what your suppliers hope you will opt for. Cyber Essentials Plus shows you're taking data protection seriously.

There are many benefits of Cyber Essentials Plus which you can read all about here.

So why do my suppliers want us to get certified for Cyber Essentials Plus?

Your suppliers want to make sure their supply chain is safe.

They know if any business they work with isn't taking the necessary precautions with cyber security, they could have a third party backdoor breach in their organisation.

Obviously, they don't want this to happen so they're asking all of their clients to get certified and this works for everyone because now everyone in the supply chain has significantly reduced the risk of breach.

It's also important to remember that with Cyber Essentials Plus certification, you're avoiding fines of up to 4% of your global turnover because you can prove to the Information Commissioner's Officer that you've done everything in your power to protect client data.

As much as you're protecting your supplier, you're just as much protecting your business.

Did you know if you were breached you'd have to notify your clients about the breach within 72 hours?

It's not a surprise that many businesses struggle to recover from that, your reputation would take a huge hit.

The worst part?

It was very, very avoidable to begin with.

So here's what you should do:

First things first, educate yourself on Cyber Essentials. There's so much you'd want to delve into such as how to get free cyber insurance with Cyber Essentials or how to attain Government contracts.

You can find out everything you'd ever need on Cyber Essentials in the Ultimate Guide to Cyber Essentials.

Once you're aware and educated on Cyber Essentials, you can pursue certification but you'll need to do this with a Certification Body such as Cyber Tec Security.


Want to find out how to protect your supply chain with Cyber Essentials? 


supply chain-min-min





Topics: IT, Cyber Attack, MSSP, Cyber Security, Data, Supply Chain


More by Sam Jones

Related articles
The Importance of Penetration Testing for SMEs: Safeguarding Your Digital Assets

Learn why penetration testing is crucial for SMEs to safeguard their digital assets, identify vulnerabilities, comply with regulations, enhance security, protect customer data, and make cost-effective security investments.

The Ever Evolving Role of the MSP!

Discover how Managed Service Providers (MSPs) can strengthen cybersecurity with a proactive approach and Cyber Essentials Certification. Learn about the evolving role of MSPs in safeguarding businesses against cyber threats.

The Critical Importance of Digital Transformation Today

Explore the vital role of digital transformation in today's business landscape and how Cyber Tec Security guides SMEs in this journey.