It has been revealed that TÜV SÜD United Kingdom has achieved Certified Body status for the UK Government’s Cyber Essentials programme, which is designed to protect organisations from cyber security threats. Organisations certified by TÜV SÜD can promote that their IT systems comply with a Government-endorsed standard, demonstrating that they are protecting their own and their customers’ data by having a robust and secure IT environment.
Cyber Essentials is now mandatory for suppliers of Government contracts, which involve handling personal information, and providing ICT products and services. It will also enable organisations to prove they have taken the appropriate risk mitigation steps to comply with the new General Data Protection Regulation (GDPR). Organisations in non-compliance with the GDPR after 25th May 2018 could face heavy fines of up to four per cent of annual global turnover in the event of a data breach.
Ewan Fisher, Shared Services Centre Performance & Operations Manager at TÜV SÜD United Kingdom, said: “Cyber criminals target every size of organisation, both large and small. Cyber Essentials helps them to combat cyber attacks, the majority of which exploit basic IT system vulnerabilities. By making it easier for organisations to protect themselves, they are less likely to suffer data loss, which could have a significant impact in terms of lost revenue or reputation, as well as result in fines or prosecution.
“As a globally recognised provider of independent testing, inspection and certification, TÜV SÜD is the perfect Certified Body partner for an organisation that wishes to become Cyber Essentials certified so it can proactively demonstrate its commitment to IT security and the protection of customer data,” concluded Fisher.
Just under half (46%) of all UK businesses identified at least one cyber security breach or attack in the last twelve months. This rises to two-thirds among medium firms (66%) and larger firms (68%).
The Cyber Essentials standard covers five key areas: