GCHQ, cyber essentials, and You

Updated: May 6

In a decade, will the latest James Bond movie kick off with a high-octane rooftop motorbike pursuit? Or will 007 be in a small office tapping (rapidly, yet with a certain unmistakeable panache) on a small keyboard, before popping out to the staffroom for a well-earned espresso? Double shot kenyan, of course; no sugar.


Spying used to seem more physical somehow. I was really interested by this recent lecture from the Director of GCHQ. It neatly summarises the shifting ground, in which cybersecurity has come to the fore. Not news in itself, unless you’ve spent the last few years in a cupboard, but I thought his speech notable in two ways.


Firstly, it succinctly summarises the key national security challenges, and plans, in a five-minute read. And secondly, it makes plain that we might all get a walk-on part in that Bond film. If, as the Director suggests, technology is ‘fundamental to our social fabric and the UK’s competitive edge’, then we all have a role: because we’re all interconnected.


If my business is compromised by a cyber attack and my systems go down, I can’t supply you with the goods or services you’re waiting on to meet your obligations. Or perhaps my data gets taken, giving others email and invoicing history from our shared transactions, ready to defraud you. It’s in all of our interests to look after our own cyber security and to expect that those with deal with do likewise.

For those who haven’t heard of cyber essentials (CE for short), it’s like an MOT for your cyber security. It shows that you’ve done the basic maintenance, and you’re roadworthy. It is cited in this lecture as a part of that overall effort to secure the national economy. And if you’ve got a business or charity, you should really be considering it.


Like an MOT, you’ll pay for it, but you’ll also get £25k of insurance, someone to call if you’re attacked, and you’ll massively reduce your chance of a breach. In 2021, of the 2/5 UK businesses which came under attack, those suffering a financial loss dropped on average over £8k through the year.


So whilst we’re here to offer free guidance to small business, I do think it’s important that we also push the cyber essentials scheme. We’re shortly running a webinar to explain how you can achieve the standard, and if you need a commercial partner to help you through the process, we have links to the majority of companies in the region who oversee the CE accreditations.


So we can make some introductions on your behalf. I’m not promising that we’ll throw in an Aston Martin with missile launchers, but perhaps the prospect of keeping your business safe, might be enough.


The webinar will be scheduled for 12pm on 26/5. Keep an eye on our website and social media feeds for ticketing details shortly. In the interim, you can get a heads up about CE and what it involves on our website, at www.swcrc.co.uk/what-is-cyber-essentials.


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the South West is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the South West provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the South West does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the South West is not responsible for the content of external internet sites that link to this site or which are linked from it.