06 Nov NJM Consulting & Cyber Security
NJMC and Cyber-Security
Say what you will about the general efficiency of the United Kingdom Government one thing is clear; the UK Government are leaders when it comes to Cyber Security. The obvious reason for this is the large-scale investment that the UK has always made in GCHQ. However this rather skimps on the long, long history of counter-espionage and threat mitigation that the UK has starting from the reign of Queen Elizabeth I and her brilliant spy masters William Cecil, 1st Baron Burghley (13 September 1520 – 4 August 1598) chief advisor to Queen Elizabeth I for most of her reign and Sir Francis Walsingham (c. 1532 – 6 April 1590). Sir Francis was principal secretary to Queen Elizabeth I of England from 20 December 1573 until his death and is popularly remembered as her principle “spymaster“.
Their network of spies, informants and secure, encrypted communications of the day allowed the UK to punch above it’s weight at that time. Clearly the UK has not forgotten the lessons of good intelligence and today it leverages this long heritage to further develop its skills to help protect business small and large from cyber threats.
At NJMC we have embraced the government’s cyber security efforts and are now in the processes of obtaining our first Cyber-Essentials certification.
Cyber Essentials helps prevent the vast majority of cyber-attacks. Even a simple virus or piece of malware can result in loss of company and client data, disrupt cashflow and take up staff time. Any of data could breach the Data Protection Act /GDPR and lead to fines or prosecution.
Having our first Cyber Essentials certification will:
· Protect our organisation against common cyber threats
· Show our customers that we take this issue seriously with our multi-layer Cyber Security Policy
· Enable us to bid for Government contracts because since October 2014 Cyber Essentials has been mandatory for suppliers of Government contracts which involve handling personal information and providing some ICT products and services. Holding a Cyber Essentials badge enables us to bid for these contracts.
Why Not ISO27001?
The International Standards Organisation offers internationally recognised certification in the form of ISO27001. This certification helps a business to become a proactive, not a reactive business. The planning ahead involved in establishing certification means you reduce the risk of threats that could prove, at best embarrassing or, at worst, put your business at great risk, be it from legal, reputation or financial repercussions. While ISO27001 is a certification we are already starting to prepare for it is not our first cyber-security target. As all of our suppliers and service providers are already ISO27001 certified we felt the best value we could add for our clients was to obtain the UK government’s CyberEssentials and CyberEssentials+ first and then leverage the work done for those to step into ISO27001.
All of this activity is of course in addition to our working towards our ISO 9001 business certification. Being a Programme /Project Management Office Service