Cyber Essentials is a government backed scheme aimed at protecting UK organisations of all sizes against the most common cyber threats. The scheme represents the government’s minimum baseline standard for cybersecurity and its benefits are far-reaching.

Certification is based on 5 technical controls and is required to be renewed on an annual basis. The scheme is reviewed by a team of experts to ensure it remains fit for purpose in a cyber environment which faces ever-growing levels of threat.

The Benefits of Cyber Essentials include:

1. Demonstrate to clients how seriously you take cyber security within your organisation.
2. Protect your organisation against the latest security threats by aligning your levels of security with an established UK standard framework.
3. Apply for the growing number of contracts requiring supply chain security as part of their application criteria.
4. Cyber Liability Insurance.

Cyber Liability Insurance

 Cyber Liability Insurance is a little-discussed benefit of the Cyber Essentials scheme, probably because it’s automatically included in certification (ie, without the organisation being required to work towards any qualifying criteria). That said, certain criteria does need to meet, which includes:

1. The entire organisation is Certified
2. The organisation of domiciled in the UK
3. The organisation’s annual turnover is less than £20m
4. The organisation opts in to the insurance.

Why is Cyber Insurance important?

Whilst compliance with Cyber Essentials significantly reduces the likelihood and severity of a data breach, some risk will always remain. Human error, a malicious insider or a brute force external attack cannot be discounted, so having cyber insurance could provide key incident response services and help to cover your costs after such an attack.

>> £25,000 is the total limit of indemnity, which can be used for crisis management and incident response. A 24-hour helpline is available to provide this support.

What does the Policy cover?

1. Liability: claims made against your arising from digital media activities and security and privacy liability.
2. Event Management: the reasonable and necessary fees, costs and expenses of:

• Legal expenses
• IT expenses
• Data Recovery expenses
• Reputation Protection expenses
• Notification expenses
• Credit Monitoring
• ID Monitoring expenses
• First Response expenses

3. Extortion Threat
4. Regulatory Investigations
5. Business interruption: loss of profit and/ or operational expenses caused by a network compromise.
6. Network Interruption: the reasonable and necessary costs and expenses that a Company incurs to minimise the network loss, or reduce the impact of a material interruption.

What does the Policy not cover?

1. Money stolen by electronic means or cyber fraud.
2. Retentions apply: there is a £1000 excess and a 6 hour network interruption retention.
3. The £25,000 limit of indemnity might cover the costs of a small breach, but in all likelihood will be insufficient for a serious incident or multiple incidents. Higher limits of indemnity may be available upon request.

IASME is a National Cyber Security Centre delivery partner, responsible for operating the Cyber Essentials scheme. For more information on the Cyber Essentials insurance policy and how to make a claim, see https://iasme.co.uk/cyber-essentials/cyber-liability-insurance.

How we can help at Comprendo

We can assist you and your business on your journey to Cyber Essentials certification, as well as to the next level of cyber security – Cyber Essentials Plus certification, which includes a technical audit of your IT systems to verify that the controls are in place.

These are the 5 Technical Controls which are assessed in both levels of Cyber Essentials Certification:

1. Firewalls and Routers
2. Secure Configuration
3. Security Update Management
4. Access Control
5. Malware Protection

At Comprendo we provide a FREE audit of your existing security measures to establish where your business sits on the pathway to CE compliance.

Call our friendly support team to arrange your free audit: tel 0345 527 4394 / info@comprendo.co.uk

At Comprendo, we provide customer-focused IT services, solutions and support to businesses throughout North and West Yorkshire, Lancashire and beyond, including Leeds, Bradford, Harrogate, York, Preston and Manchester. Looking to outsource your IT or review your cyber security? We look forward to hearing from you.