Do You Know About Cyber Essentials?

28/11/23 Wavenet
Do You Know About Cyber Essentials?

A critical element to the longevity and survival of any business is that they adopt an all-encompassing cyber security and disaster recovery strategy. Advancements in technology mean that the world is becoming more digitised and, as this trend grows, cyber-crime grows alongside it. From customer service to communication and accounting, there is a heavy reliance on technology for many enterprise operations. From hosted desktops to cloud backup and virtualisation, software and computing has become integral for every business. But as companies have become savvier, so have the cyber-criminals looking for vulnerabilities – there have been instances where sophisticated hackers have been able to orchestrate attacks without disrupting a business’s day-to-day operations. 

When IT managers, business owners, MDs and CEOs embark on cyber-security awareness training and sign-up to Cyber Essentials, their employees are brought up to speed on their IT security procedures, best practices, and policies. They can then pass this training on to their employees, making sure that their colleagues are not only aware of these policies but can understand and follow best practices. 

What is Cyber Essentials? 

Cyber Essentials is a UK Government accreditation that is operated by the National Cyber Security Centre (NCSC). This information assurance scheme encourages SMEs and organisations to assume good practice in information and cyber security. There are two forms of Cyber Essentials: the initial Cyber Essentials accredited through the completion of a self-assessment form, and the more advanced Cyber Essentials Plus. 

Both consist of understanding and meeting five key cyber security controls. However, while Cyber Essentials is achieved through the completion of a self-assessment questionnaire, Cyber Essentials Plus involves being examined by an external, certified body on your premises. Due to this, Cyber Essentials Plus is particularly designed for those organisations with a more complex IT infrastructure. 

Why is Cyber Essentials important? 

No cyber security strategy will protect you 100% against a cyber-attack, but you can certainly put procedures in place to minimise the risk of one, and this is what the Cyber Essentials scheme aims to do. The accreditation has a tough base that helps to reduce the risk of these ever-growing cyber-attacks. 

A ransomware attack or serious data breach could have a detrimental impact on a company. From financial devastation to destroying their reputation, the effects of an attack should not ever be underestimated. When a business signs up to the Cyber Essentials scheme, they are required to self-assess their security against an assessor company’s questionnaire. Once they have completed the assessment, it is then verified and signed off by a senior executive. Every aspect of the company’s security policies will be scrutinised, uncovering weaknesses that will then get your employees thinking about cyber security. 

What’s worrying is that a staggering number of UK businesses are unaware of the Government-backed accreditation.  

Your Employees Pose the Biggest Threat 

But why should this be a concern? According to the Government’s Cyber Security Breaches Survey 2022, 39% of businesses experienced cyber security breaches or attacks over the last 12 months, and of those businesses, 56% held personal data on customers in the cloud. Alongside this, 90% of cyber-crime stems from human error, which means uneducated employees pose a huge risk to the security of your business. 

When there are schemes and methods out there to help prevent a data breach or attack, it is inexcusable for CEOs, MDs, IT Managers and Owners to claim ignorance in the world of cyber security.  

To put this in perspective, more than 333 billion consumer and business emails were sent per day in 2022, and this number is expected to rise to 393.5 billion by 2026. Alongside this, it is thought that 156 million phishing emails are sent every day, and of those, sixteen million will manage to surpass filters. Of the 10% that make it through the spam filters, half of them will be opened, and 10% of those click on phishing links. While only 10% of phishing emails make it through, unsuspecting victims are still opening these emails and clicking through, which means that malware is being downloaded onto business networks and infiltrating sensitive customer data. This begs the question - can a company really afford to go without a Cyber Essentials Accreditation?  

What’s Stopping Businesses Become Cyber Aware?  

Educating employees and understanding risk is crucial for businesses wanting to protect themselves against data breaches and cyber-crime, so what is stopping decision makers from getting a Cyber Essentials Accreditation? According to the survey, 67% of IT managers said that a lack of understanding of what this government-backed scheme was had stopped them applying. Alongside this, 29% said that they did not think it was important for their cyber security strategy, and 42% cited a lack of funds as the reason.  

While there’s clearly ignorance surrounding cyber security awareness, 81% of the businesses surveyed said that they were Cyber Essentials certified, and 69% reported that they understood the benefits of being so. Meanwhile, 84% said that having the accreditation helped them win more businesses. 

The benefits of Cyber Essentials Accreditation 

There is no denying that there is a clear case for IT decision makers to ensure that their business is Cyber Essentials certified. From helping you become GDPR compliant to reaffirming trust with your clients and customers, to scoring new business deals, the benefits of obtaining Cyber Essentials accreditation far outweigh the financial cost of it. 

Upgrading to Cyber Essentials Plus brings additional benefits. While Cyber Essentials shows your customers that you take cyber security seriously, Cyber Essentials Plus gives further validation to this, demonstrating that you can adhere to the requirements in practice and have the necessary measures in place. As this is verified by a third party, this shows that your organisation has an even higher commitment to security. 

Paul Colwell, Chief Technology Officer at Wavenet CyberGuard states:

“Here at Wavenet CyberGuard, we encourage companies to become Cyber Essentials certified since it can help protect against most common cyber-attacks. In 2023, it should be paramount that businesses who rely on technology protect customer and employee information - as well as their own. Becoming Cyber Essentials certified is a great start to implementing strong and secure cyber security practices.”

Get in touch with Wavenet CyberGuard and find out more about becoming Cyber Essentials certified today. 

Cyber Security

Latest blogs

See all posts
Placeholder thumbnail
Building resilience in the public sector: a strategic guide

Beyond traditional cyber security: how to create an effective cyber resilience plan In an era where cyber threats are growing in scale and sophistication, public sector organisations must go beyond traditional cyber security. While many may feel like they are too small a target to fall victim to the headline-grabbing attacks we see in the news, it is the unfortunate truth that all organisations are at risk, whether they turn over vast amounts of money or not. Therefore, the ability not only to defend against attacks, but also to recover quickly and continue delivering essential services is of paramount importance.

Read more
Placeholder thumbnail
Fusing networks and security to create tomorrow's digital infrastructure

Embrace a seamless digital transformation with SASE technology In the whirl of digital advancement, the lines between networking and security have blurred, paving the way for a new approach to connectivity and protection: Secure Access Service Edge or SASE. Imagine SASE as the ultimate multi-tasker - merging high-speed avenues like SD-WAN with the digital world's watchdogs - firewalls, Zero-Trust Network Access (ZTNA), and cloud security tools - all in one, cloud-delivered package. This powerhouse ensures that connectivity doesn't just mean getting online; it means doing so swiftly, securely, and smartly. Why we champion an integrated approach At our core, we champion simplicity and security. Connectivity and security shouldn't be complicated or separate. Our mission is to standardise and deliver cutting-edge SASE solutions that are easy to manage, highly secure, and adaptable - because in today's digital world, flexibility isn't just an advantage; it's a business imperative. What SASE means for your business Let's dive into what this really means for businesses moving through the clouds and beyond. With SASE, networking and security no longer run on different wavelengths. They're part of the same conversation, which means deploying and managing a network that's as secure as it is flexible. The benefits of SASE that you can expect: Lightning-fast, direct access to all the apps and data you need, with no lag. A single, cloud-native platform that manages all your monitoring and security needs - simplifying life for your IT team. Upgraded protection for your on-the-go staff, keeping them safe wherever work takes them. Unmatched control and insights into every SaaS application you use, whether it's on the radar or not. A network infrastructure that not only scales with your business but does so smoothly and efficiently. And for those pondering the complexities of integrating SASE into their existing network, we've got your back. As a seasoned Cisco Gold Partner, our team of Cisco-certified experts are ready to tailor a highly reliable, scalable, and ironclad SASE strategy for you. With over two decades of experience to draw on, we're not just offering a service; we're driving transformation. Our proven Cisco-centric SASE solutions As a Cisco Gold Partner, we leverage over twenty years of expertise to tailor a dependable, scalable, and robust SASE strategy for your organisation: Cisco Umbrella SIG with Secure Connect: Offering unparalleled, location-agnostic connectivity that seamlessly links your team and technology, while simultaneously bolstering your defence against security threats through a unified approach. Providing your business with leading cloud security that proactively safeguards your digital landscape, ensuring tailored, comprehensive protection for your vital assets. Built with Cisco Secure Access and Umbrella SIG. Cisco Meraki SD-WAN: Modernise your network with an optimised WAN that guarantees strong performance and reliable connectivity for every user and device across your organisation. Cisco Thousand Eyes: Harness unmatched visibility and performance insights across your network, cloud, and SaaS ecosystems, empowering your enterprise to optimise digital experiences decisively. Ready to rethink your digital infrastructure? If you're keen on a future where connectivity and security walk hand in hand, let's get the conversation started. With us, you're not just adopting SASE; you're embracing a secure, integrated, and incredibly agile digital infrastructure. Picture setting up your new digital base with us as piecing together your favourite puzzle; you don't need all the pieces initially. We build your dream setup step by step, ensuring each piece fits perfectly over time to create a seamless, unified solution tailored for your business needs. Welcome to the forefront of networking and security. Welcome to your new digital baseline.

Read more
Placeholder thumbnail
How can businesses dispose of devices in an environmentally friendly way?

What is WEEE compliance? Electronic waste (e-waste) is one of the fastest growing waste streams today, with the UK generating 1.7 million tonnes* per year. As our reliance on electronic devices such as laptops, desktops, mobiles, and office equipment increases, so does the importance of responsible IT equipment disposal in the UK. When devices become faulty or outdated, the vast majority are simply disposed of, adding to the mounting electronic waste (e-waste) in landfills. This creates even more WEEE (Waste Electrical and Electronic Equipment). Effective responsible IT asset disposal in the UK is crucial to reduce environmental impact and support a sustainable future. With rapid technological advancements, upgrading IT infrastructure, and increasing regulations on WEEE compliance, adopting eco-friendly electronics recycling solutions is more important than ever. If we don’t all start to reduce, reuse, and recycle electronic devices, this is only set to get worse. We all have a role in minimising e-waste in the workplace, supporting the planet, and reducing demand for resource-intensive manufacturing What do companies do with old electronic devices? According to Sue Owens, Head of Supply Chain Services at Wavenet: “There isn’t a single answer to the climate crisis, or how we can recycle our way out of trouble, but responsible electronic device recycling and secure data destruction are essential parts of the solution. We need to look at all methods of recycling. Even the smallest contribution in reducing e-waste in the workplace adds up to be part of the bigger picture.” Recycling old laptops, mobiles, and other IT hardware not only helps manage the rising tide of end-of-life equipment recycling but also ensures compliance with WEEE directives. Proper certified electronic waste disposal providers help companies turn obsolete devices into environmentally safe recyclables or components, reducing the need for raw material extraction. Sue continues: ”The more organisations recycle, the less we need to mine. While the mining industry is a major contributor to planet-warming emissions, it also holds the key to a net-zero future. We don’t need to extract more – we need less. As clean energy and EVs expand, the total amount of materials mined will actually decrease, and we can significantly reduce reliance on coal that still fuels the industry’s revenues. Less mining, more sustainability – that’s the future we must build. To make a difference, it’s up to organisations to recycle whatever we can; however, data destruction is critical to the security of your business. Compliance with the WEEE directive and recycling units back into the market, either as components, or broken down into their elements is a huge contributor.” How do businesses recycle computers and phones?

Read more
A happy house tenant is using an app on her phone to report a home issue to her housing provider
From risk to resolution: how Active Assessor helps you stay ahead of Awaab's Law

What does Awaab's Law mean and why does it matter? Damp and mould aren’t just inconvenient maintenance problems - they’re serious risks to tenant health, regulatory compliance, and the reputation of housing providers. Nearly 1 in 7 social homes in England failed to meet the Decent Homes Standard in 2023¹. On top of that, the NHS is estimated to spend £1.4 billion a year treating health issues related to cold, damp housing². And yet, more than half of tenants experiencing condensation, damp or mould don’t report it. Often, they don’t recognise the early signs, or they simply don’t believe they’ll be taken seriously. This silence leaves landlords in the dark and turns small, fixable issues into expensive, high-risk problems. From October, social landlords will be legally required to fix emergency hazards within 24 hours and investigate and repair dangerous damp and mould within set timeframes, under new legislation known as Awaab’s Law. Introduced in memory of two-year-old Awaab Ishak, who tragically died in 2020 after prolonged exposure to mould in his social housing, the law represents a major step toward improving housing safety and quality. It allows tenants to take legal action if landlords fail to comply and will be rolled out in phases, beginning with damp and mould, to ensure effective implementation. This approach aims to deliver meaningful, lasting change while honouring the efforts of Awaab’s family to secure justice. Awaab’s Law also supports the government’s broader plan for change, which includes a commitment to building 1.5 million new homes and delivering the biggest improvement to social and affordable housing in a generation. The challenge: strained teams & outdated systems Most housing providers care deeply about tenant safety. The problem isn’t willingness—it’s capacity. Maintenance teams, IT departments, and customer contact centres are already stretched thin. Spotting early-stage issues requires tools they simply don’t have. Traditional, manual inspections are expensive and slow. Reactive workflows leave little room to get ahead of problems. And despite growing demand for proactive service, only 13% of customers actually receive it. The systems many teams rely on today are fragmented, outdated, and not fit for the pressures of a post-Awaab world. The solution: Active Assessor by 8x8

Read more
Placeholder thumbnail
Is your construction business prepared for the PSTN switch-off?

Getting your construction business ready for the PSTN switch-off

Read more
Placeholder thumbnail
There's more to the PSTN switch-off than meets the eye

What is the PSTN switch-off? The impending PSTN (Public Switched Telephone Network) switch-off isn’t just about replacing traditional lines. It’s a seismic shift that impacts far more than most realise – and if you’re not prepared, it could cost your business dearly. Most companies are aware that traditional analogue lines and ISDN systems for calls and broadband are being phased out by January 2027. But what many don’t see is the vast ripple effect of this transition – touching everything from lifts to life-critical systems, cash machines, and even traffic lights. What does the PSTN switch-off mean in simple terms? When it comes to the PSTN switch-off, it’s easy to think that it is just about phone lines. But the truth is, it’s much more complex. Here is what’s at stake: Life-saving systems: fire alarms, major medical and safety devices, emergency alarms in care homes, emergency pendants, telemetry services monitoring boiler rooms, dams, sluice gates, and substations. Public infrastructure: traffic lights, bus stops, speed cameras, and traffic management systems. Business-critical devices: PDQ and payment terminals, ATMS, CCTV, video surveillance, door entry, security systems, and remote access points. Transport & emergency services: roadside AA/RAC recovery alerts and devices, and emergency phone lines in hazardous environments. Telecommunications & internet: leased lines, private networking facilities, dial-up lines, broadband DSL services, and international leased lines. Community & public services: emergency teams and vehicles, payphones, modems, industrial control, public alerts, and more. If every one of these vital systems suddenly loses connectivity – chaos, downtime, and danger could follow. The possible business impact of the PSTN switch-off could be financial losses, public safety risks and erosion of customer trust. The PSTN switch-off is a vital business resilience issue – the time to act is now Unlike many providers who may focus on the obvious, we see what others miss. Our team dives beneath the surface, examining your entire network ecosystem to identify what’s at risk when the PSTN switches off. We have mapped out the hidden web of critical systems that rely on legacy infrastructure – and yes, we’ve prepared solutions for each one. Check out our iceberg infographic to see a quick glance of the PSTN switch-off picture. The switch-off is just the tip of the iceberg. Without planning, your operations could face catastrophic disruption. Don’t let your business be caught unaware. Reach out today for an in-depth assessment, and explore solutions tailored to your critical systems. Because when it comes to the PSTN switch-off, we see beyond the iceberg – and help your business stay afloat.

Read more

Stay service-savvy

Get all the latest news and insights straight to your inbox.