Startup Observer.com
  • Home
  • Industries
  • Innovation
  • outsourcing
  • Business
  • Finance
  • Headlines
  • Opinion
  • News
Home Business What security certification is right for your business?
Business

What security certification is right for your business?

by jcp October 26, 2021
October 26, 2021
gawdo

With ransomware attacks and data breaches on the rise, customers are understandably anxious to ensure that vendors and service providers are handling their data properly. Getting a cybersecurity certification for your business is a good way to stand out from the pack and show potential customers and business partners that you’ve done your security homework. But which should you get?

Cybersecurity experts, Probrand, have put together the following advice for businesses:

Cyber Essentials

Perhaps the most relevant cybersecurity certification for small businesses in the UK is the government’s own Cyber Essentials scheme. Operated by the UK National Cyber Security Centre (NCSC), it’s a certification in good practice for cybersecurity.

Cyber Essentials offers two levels of certification. The first, Cyber Essentials, is a self-assessment option that demonstrates you’re competent in five areas of technical controls: firewalls, secure configuration, user access control, malware protection, and security update management.

In this option, companies fill out an online questionnaire, and then a board member signs a declaration to confirm that all the information given is true. An assessor then checks over the answers and makes a decision.

This online questionnaire is also a requirement for the second, higher level of certification, known as Cyber Essentials Plus. Within three months of taking the questionnaire, you can apply for a hands-on technical audit from an accredited auditor working with the NCSC.

Other accreditations

Cyber Essentials is a good all-round basic cybersecurity hygiene certification, but other certifications take a more general view of cybersecurity controls. ISO 27001 focuses more on information management. It looks at areas ranging from risk assessment and security policy through to asset management, physical security, and human resources security. It also examines issues such as access control and incident management. As a broader information security certification with many more moving parts, it is likely to take significantly more time and work, both to prepare and to get assessed.

Some cybersecurity and information security accreditations are industry requirements rather than voluntary projects. One example is the Payment Card Industry Data Security Standard (PCI-DSS) created by the Payment Card Industry Standards Council, an independent body organized by payment card companies.

PCI-DSS carries different levels of accreditation based on which type of merchant you are. That in turn is determined by criteria such as how many credit card transactions you process and how you take payments. This accreditation requires a mixture of regular automated vulnerability scans and possibly an on-site audit depending on your company’s characteristics.

Why get certified?

When a set of industry partners demands certification, you don’t have a choice. When it’s a voluntary system, you’ll weigh the time and cost of certification against three main factors:

  • Reputation: Sporting a certification can go a long way towards building trust in your company before you even begin building a relationship with a customer. They can be a valuable marketing asset when building your industry brand.
  • Compliance: A certification might be a requirement for some customers, especially those in heavily regulated industries. Doing all this groundwork now can avoid costly headaches later when a customer lists certification as a requirement on its RFP or sales contract.
  • Peace of mind: Going through the certification process is also an excellent way to refine and improve your own cybersecurity and information management controls. Even if you are never asked to produce this, it will make you more confident that you’re offering a mature, safe service to your customers.
www.gawdo.com
Share on FacebookShare on TwitterShare on Linkedin
0 FacebookTwitterPinterestEmail
previous post
EMAIL PHISHING: BETTER TO BE SAFE THAN SORRY…
next post
2021 Digital Masters Awards – Shortlist Announced

You may also like

Can I trust you? Online fraud boom casts...

May 22, 2022

HALF OF YOUNG BRITS CLAIM THEY ARE STUCK...

May 22, 2022

Learning at work week 2022: Understanding employee learning...

May 18, 2022
Editorial & Advertiser disclosureEditorial & Advertiser disclosureOur website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.
gawdo.com
https://www.gawdo.com
  • About us
  • Advertising & Terms of Use
  • Contact Us
  • Privacy Policy

@2021 - All Right Reserved.


Back To Top
Startup Observer.com
  • Home
  • Industries
  • Innovation
  • outsourcing
  • Business
  • Finance
  • Headlines
  • Opinion
  • News
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT