46% of all UK businesses have suffered at least one attack within the last 12 months and 65,000 UK SME’s suffer cyber security attacks each day, of which 4,500 are successful. This means that every 19 seconds an SME is hacked successfully. According to the UK Government’s 2020 Cyber Security Breaches Survey, the most common types of cyber attacks that SMEs are experiencing are in the form of phishing and whaling email attacks, as well as malware and ransomware attacks.
Now more than ever, it’s important for businesses to think about their cyber security and ensure that they have the right controls in place to reduce their vulnerability to a cyber attack.
What can I do?
At the Police Digital Security Centre, we recommend businesses regularly review their vulnerability to the most common types of cyber crime.
That’s why, in collaboration with BSI (British Standards Institution) we have developed a new assessment scheme aimed at helping SMEs reduce their vulnerability to cyber crime and demonstrate to customers, staff, stakeholders and suppliers that the protection of their data is taken seriously.
Our message is clear. Good cyber security is good for business.
The Initial Assessment will ask you a series of simple questions about your organisation, which will help us determine your level of risk.
After completing the Initial Assessment you will then be required to complete either:
- The Digitally Aware Assessment: an entry level certificate
- The Digitally Resilient Assessment: aimed at organisations who are above the minimum level of risk*
*Minimum cyber risk is defined as that which meets the criteria for the Digitally Aware scheme
A confidential self- assessment tool which provides you with a clear and easy to understand picture of your cyber security and vulnerabilities.
Saves you time and money by bringing together in one place the guidance, standards and expert advice around cyber security.
You will receive tailored advice from the experts at the Police Digital Security Centre showing how you can reduce your vulnerability to cyber crime.
To cover administrative costs there is a nominal fee of £50 + VAT. The certificate is valid for 12 months.
You must be able to demonstrate that you have implemented controls that are appropriate to the level of risk you are exposed to against the National Cyber Security Centre’s “10 steps to cybersecurity” principles.
You will also be assessed on your user-related processes such as awareness/training, removable media, remote working and incident management
An independent scan is performed of your internet-facing perimeter to ensure that common vulnerabilities are not present. The cost will vary depending on a number of factors. The certificate is valid for 12 months.