Cyber Essentials - Case study
As a senior manager or company owner you’ll be only too familiar with the online threats that surrounds us all. You’ll have seen the headlines, read the reports and maybe even experienced trouble firsthand.
You’ll also be aware that when threats do come calling; threats in the form of a phishing or spear phishing attack, as ransomware or network probes, as falling foul of essential new GDPR regulations even, any organisation serious about security will have best practice policies and procedures in place to mitigate the danger.
Take Lucid client RME Financial Services for example.
Specialists in mortgages, life insurance, critical cover and other financial products RME have been meticulous in deploying their cyber security. Dedicated protection designed to safeguard both their systems and the confidential client data they hold.
“We take security very seriously,” says Catherine Rimmer of RME.
But believing you have the right protection in place is all very well. RMW needed to know that their protection was the best it could be, that it was fit for purpose.
“We wanted peace of mind,” says Catherine, “That’s why we wanted to be absolutely sure that our security is built on solid foundations. Lucid had been highly recommended for their Cyber Essentials work so we brought them in to do an assessment and to make sure we’ve everything in place.”
Accredited Cyber Essentials
As part of their Cyber Essential accreditation a Lucid ACE Practitioner spent a day with Catherine and her team assessing their systems, their policies and sharing practical guidance.
Assessment that covered the six key Cyber Essential controls:
Boundary firewalls and internet gateways.
2. Secure configuration.
3. Access control.
4. Malware protection.
5. Patch management.
“It was fantastic.” says Catherine, “We just got on with our work while Lucid carried out the assessment.”
With the day a success and a clean bill of health given, the Lucid Cyber Essentials certification left RME safe and clear in the knowledge that, to quote the Government Cyber Security documentation, ‘these controls can significantly reduce the risk of prevalent but unskilled cyber-attack… a practical component of a wider ranging cyber security posture.’
The Business Benefits of Cyber Essentials
More than just peace of mind Cyber Essentials Assurance delivers genuine business benefits too.
“We are inspected quarterly by our First Complete team for FCA compliance,” says Catherine, “They were really impressed that we’ve got Cyber Essentials Certification and actually told us we’re ahead of the game,” adding, “though we brought Lucid in to give us assurance it’s clear that accreditation and showing that accreditation increase trust with our clients and partners.”
With the Cyber Essentials now an integral part of the RME’s approach to information risk management where do they go from here?
Concludes Catherine, “We’ll be talking with James and the team at Lucid about their GDPR Essentials service. GDPR is a hugely important issue. Cyber Essentials Plus as well. It’s something we want to get absolutely right.”
Your Systems? How protected are you?
You may believe them secure… but do you know they are?
We can tell you.
Call now for your own Cyber Essentials evaluation: 0800 862 0095.
Cyber Essentials in a Nutshell
The biggest technology issue facing UK businesses today insufficient Cyber Security risks causing major business interruption, through loss of personal or company data, or money.
Cyber Essentials is a new standard for IT security, endorsed by the UK Government, and designed to help businesses defend against up to 88% of known cyber attacks.
Cyber Essentials offers two clear benefits.
1. It offers a clear statement of the basic controls you need to put in place to mitigate the common internet based threats.
2. It establishes an Assurance Framework that shows your customers, investors, insurers and stakeholders that you both take cyber security seriously and have acted to enforce essential precautions.
You can find more detailed information from the National Cyber Security Centre here.