Cyber Essentials is the MOD’s base requirement to be implemented by their supply chain to protect against cyber security threats.
This will be followed by additional requirements depending on the cyber risk profile detailed by Defence Cyber Protection Partnership (DCPP). This is part of the Government plans to invest heavily in cyber security over the next five years, including the South West. British Industry should take action to reduce the threat of cyber attacks by implementing Cyber Essentials, a government backed scheme, after a Government survey highlights the increase in cyber security breaches.
Government Survey shows increase in cyber security breaches
HM Government commissioned a 2015 Information Security Breaches Survey. This showed that there had been an increase in the number of both large and small businesses that experienced breaches. It shows that 90% of large organisations (a rise of 81% from the previous year) and 74% of small businesses (a rise of 60% from the previous year) have suffered a security breach. Unauthorised outsider attacks last year affected 69% of large and 38% of small businesses whilst the average costs of the worst possible breach ranges from £75,200 – £310,800 for a small business and between £1.46m – £3.14m for a large organisation.
By implementing the basic cyber controls required of the Government’s Cyber Essentials scheme businesses will protect their information assets from almost 80% of cyber threats.
Cyber Essentials – MOD requirement detailed by MOD Defence Contracts Online (MOD DCO) :
The MOD is committed to ensuring it and its supply chain are appropriately protected and has been working jointly with Industry and other Government departments in the Defence Cyber Protection Partnership (DCPP) to develop a proportionate means of achieving this. As a first step, the MOD will be implementing the Government’s Cyber Essentials Scheme through a compliance question in its supplier selection Pre-Qualification Questionnaire.
For all new requirements advertised from 1st January 2016 which entail the transfer of MOD identifiable information from customer to supplier or the generation of information by a supplier specifically in support of the MOD contract, MOD will require suppliers to have a Cyber Essentials certificate by the contract start date at the latest, and for it to be renewed annually. This requirement must be flowed down the supply chain.
Securious, as a Cyber Essentials Certification Body based in the South West, are perfectly positioned to help companies that supply to the MOD and require certification under the Cyber Essentials or Cyber Essentials Plus schemes.
Securious prides itself on ensuring that you have access to highly experienced and qualified staff who are passionate about reducing cyber vulnerabilities and making your organisation secure.
To find out more about the scheme, see our Cyber Essentials page or call us for a no obligation chat on 01837 871247