Why get certified? To gain credibility through a stamp of approval from an objective organisation. A stamp which offers a certain proof of knowledge and an aura of authority and reliability. As a child, Patrick Carolan gained certificates in swimming, and as a man, he has gained numerous certificates in cyber security. Here, he reveals the importance of cyber security certification…
Patrick, what is the value of certification?
I will answer that question by way of another one first. This should illustrate just how large a topic cyber security and the threats and risks to it is.
It’s very interesting.
As of April this year, there were almost 4.6 billion people using the internet. To put it another way, almost 60 percent of the global population are now active internet users.
That is interesting.
I told you. In Europe alone, there are more than 700 million users. At the last count that was second to over 2 billion in Asia, the largest region for internet usage. So the fact is that more than half of the world’s population is susceptible to cyber security threats. The numbers are growing all the time too, with cyber-attacks involving ransomware malware on the up year after year. It is then vitally important for anyone to consider having a robust security framework in place. For high-profile organisations, they should really be looking to approved, independent auditors. This is because their needs are greater and there is also a real lack of cyber security-trained professionals out there.
Ok. What about certification?
I’m getting there.
Interestingly, also as of April this year, the partnership between the NCSC and the IASME Consortium became official. This means that Cyber Essentials and Cyber Essentials Plus certification schemes are only valid through IASME now. CRIBB Cyber Security has always worked with IASME so our clients won’t have been affected by this change. A lot of organisations will have had to reapply for the standards this year though.
You used the word ‘certification’ there but I’m still awaiting the answer.
Yes, it’s coming.
What was the question again?
Ahem. Why get cyber security certifications?
Ah, yes – good question. Key advantages to companies having certifications are the peace of mind it instils in their customers or users. There is also the overall value to be gained from being seen as ‘trustworthy’ and of course, the fact that they will be achieving compliance.
Interesting, could you please go a little deeper on those 3 points?
Of course, so by encouraging peace of mind in customers and users you are also creating confidence in your brand and your overall service offering or product. That is important if you want continued success. As I inferred before, awareness of cyber security – or to be more specific – awareness of cyber-attacks and data breaches is far higher than it has ever been before. More and more people understand now what a hacking incident is, for example. When they see that you have bona fide measures in place to be more cyber secure, it then generates a real feeling of trust.
I have heard that word before.
Exactly! Certifications are essentially a trust symbol, but more than that too. Nowadays, there are lots of companies and people who will only work with you if you have certifications.
You mentioned compliance?
That’s right, ultimately a nice, shiny badge is one thing but the knowledge that you have achieved compliance is second-to-none. As more people go online and more software tools and platforms are created, the weaknesses waiting to be exploited will keep growing. To reduce risk and offer protection there is a need to comply with protective regulations. Gaining certifications in cyber security means that you are taking the right steps. It proves that you have robust measures in place because you have the approval of an independent auditor.
CRIBB Cyber Security is part of TheICEway ecosystem of companies, a collection of IT specialist brands that together provide an end-to-end digital solution for clients in healthcare, cruise and travel and retail. Our expert team helps infuse new technology projects with a ‘security by design’ approach, with a proactive stance adopted wherever possible.
Ransomware Malware – Malware is software that is designed to cause damage, and ransomware malware causes damage via threats to publish data on victims or through permanently blocking access until a ransom is paid
NCSC – National Cyber Security Council, a UK Government organisation that offers advice and support on computer security
IASME Consortium – Originally one of five Government-appointed Accreditation Bodies for the Cyber Essentials Scheme, now the sole Accreditation Body working with the NCSC
For more advice on certification and cyber security in general, our professionals are always happy to help so contact us today.