Cyber Security Certification
Why get certified? To gain credibility through a stamp of approval from an objective organisation, a stamp which offers a certain proof of knowledge and an aura of authority and reliability. As a child, Patrick Carolan gained certificates in swimming, and as a man, he has gained numerous certificates in cyber security. Here, he gives a slightly more detailed answer to the opening question…
Patrick, what is the value of certification?
I will answer that question by way of another one first, which illustrates just how large a topic cyber security and the threats and risks to it actually is.
It’s very interesting.
As of April this year, there were almost 4.6 billion people using the internet; or, to put it another way, almost 60 percent of the global population are now active internet users.
That is interesting.
I told you. In Europe alone, there are more than 700 million users and at the last count that was second to over 2 billion in Asia – the largest region for internet usage. So the fact is that more than half of the world’s population is susceptible to cyber security threats. The numbers are growing all the time too, with cyber-attacks involving ransomware malware on the up year after year, so it is vitally important for anyone to consider having a robust security framework in place. For high-profile organisations, they should really be looking to approved, independent auditors, because their needs are greater and there is also a real lack of cyber security-trained professionals out there.
Ok. What about certification?
I’m getting there.
Interestingly, also as of April this year, the partnership between the NCSC and the IASME Consortium became official, which means that Cyber Essentials and Cyber Essentials Plus certification schemes are only valid through IASME now. CRIBB Cyber Security has always worked with IASME so our clients won’t have been affected by this change, but lots of organisations will have had to reapply for the standards this year.
You used the word ‘certification’ there but I’m still awaiting the answer.
Yes, it’s coming.
What was the question again?
Ahem. Why get cyber security certifications?
Ah, yes – good question. Key advantages to companies having certifications are the peace of mind it instils in their customers or users, the overall value to be gained from being seen as ‘trustworthy’ and of course, the fact that they will be achieving compliance.
Interesting, could you please go a little deeper on those 3 points?
Of course, so by encouraging peace of mind in customers and users you are also creating confidence in your brand and your overall service offering or product. That is important if you want continued success, and as I inferred before, awareness of cyber security – or to be more specific – awareness of cyber-attacks and data breaches is far higher than it has ever been before. More and more people understand now what a hacking incident is, for example, and when they see that you have bona fide measures in place to be more cyber secure, it generates a real feeling of trust.
I have heard that word before.
Exactly! Certifications are essentially a trust symbol, but more than that too – nowadays, there are lots of companies and people who will only work with you if you have certifications.
You mentioned compliance?
That’s right, ultimately a nice, shiny badge is one thing but the knowledge that you have achieved compliance is second-to-none. As more people start to go online, as more software tools and platforms are created, so too the weaknesses waiting to be exploited will keep on growing. In order to reduce risk and offer protection there is a need to comply with protective regulations, and gaining certifications in cyber security not only means that you are taking the right steps, but it proves that you do indeed have robust measures in place because you have the approval of an approved, independent auditor.
CRIBB Cyber Security is part of TheICEway ecosystem of companies, a collection of IT specialist brands that together provide an end-to-end digital solution for clients in healthcare, cruise and travel and retail. Our expert team helps infuse new technology projects with a ‘security by design’ approach, with a proactive stance adopted wherever possible.
Ransomware Malware – Malware is software that is designed to cause damage, and ransomware malware causes damage via threats to publish data on victims or through permanently blocking access until a ransom is paid
NCSC – National Cyber Security Council, a UK Government organisation that offers advice and support on computer security
IASME Consortium – Originally one of five Government-appointed Accreditation Bodies for the Cyber Essentials Scheme, now the sole Accreditation Body working with the NCSC
For more advice on certification and cyber security in general, our professionals are always happy to help so contact us today.