If you are running a Financial Services or Fintech firm and you do not have Cyber Essentials certification, you might be putting your reputation and your clients at risk.
Businesses in the financial sector have long been a prime target for cyber criminals, with the rewards being significant for a successful breach. In fact, according to a November 2020 survey, 62% of financial service providers suffered a breach in the previous 12 months.
The situation has deteriorated further with the move towards more home working. A study by BAE Systems indicates that 74% of organisations surveyed experienced an increase in cyber crime since the start of the Covid-19 pandemic.
What is Cyber Essentials certification?
Cyber Essentials is a UK Government-backed scheme, which allows firms to certify themselves against a set of ‘best practice’ technical cyber security controls. These controls are estimated to reduce the risk of a breach by up to 80%. It is recommended by the Financial Conduct Authority.
The assessment covers five key areas of security:
- Firewalls and Internet gateways
- Secure configuration
- Access control
- Malware protection
- Patch management
This can be carried out as a self-assessment but we would advise that anyone appointed to do this has a good technical understanding and knowledge of the scheme. Alternatively, an official Cyber Essentials certification body such as Pro Drive can help you.
How does Cyber Essentials help?
Many financial services organisations are actively involved in transferring large sums of money or dealing with the personal details of wealthy clients. Access to systems containing details of such transactions or individuals is hitting the jackpot for a cyber criminal and you can be certain your firm will be targeted.
By following the Cyber Essentials controls, you will be reducing the likelihood of such an attack being successful and therefore protecting your firm against serious financial loss.
For Wealth Managers or firms seeking external investors, a Cyber Essentials certificate will help provide them with confidence that you take looking after their money seriously. As such, having an accreditation can be a useful asset to marketing teams or any due diligence process.
How do I get started?
The scheme is designed to be pretty straightforward, at least in the initial stages. The time it will take to become certified will depend on the size and scale of your business and, of course, the knowledge you have around cyber security.
It can be really beneficial to enlist the help of someone who has this knowledge and experience to take you through it. Pro Drive offers several packages to guide you through the process and help you pass the assessment.
If you would like to find out more, please refer to the Cyber Essentials website.
If you feel you might need some support in getting Cyber Essentials certification or an initial opinion on how much work there is to do, call 0330 124 3599 to speak to us – or use the form below.