Press "Enter" to skip to content

Why is Cyber Essentials certification more important than ever for SMBs?

According to government statistics, 39%* of businesses were targeted by a cyberattack in the UK last year. As cyberattacks become increasingly sophisticated, and we head into recessionary times, it is even more important for businesses to secure their IT systems, and reduce the risk of a potentially costly cyberattack.

Many business owners don’t realise that whilst most newsworthy cyberattacks target large businesses and enterprises, it is just as common for small businesses to be attacked, as they are less likely to have invested in securing their IT systems.

Andrew Hookway, Managing Director, Extech Cloud, explains why SMB owners should be investing in strengthening their security postures, and achieving Cyber Essentials certification.

What is a Cyber Essentials certification?

Cyber Essentials is a UK Government-backed scheme designed to protect organisations against common cyberattacks. There are two levels of certification: Cyber Essentials and Cyber Essentials Plus. Cyber Essentials is a self-assessment, that ensures businesses have controls in place to protect against most common cyberattacks. Cyber Essentials Plus is a more in-depth certification and includes hands-on technical verification.

The Cyber Essentials certification covers firewalls, secure configuration, user access control, malware protection, security update management, and more. The certification lasts for 12 months and is regularly updated to ensure businesses are protected against novel attack methods.

The importance of cybersecurity for SMBs in 2022

All small businesses are at risk of falling victim to a cyberattack. The most common cyberattacks being phishing, data breaches and ransomware attacks. Any of these could be devastating for a business, in terms of the cost of remediation, and reputation damage.


Thankfully, many of these attacks are carried out by relatively unskilled cybercriminals and therefore can be stopped by implementing basic security controls. Furthermore, with a Cyber Essentials certification, these attacks are no longer viable.

Five Benefits of a Cyber Essentials certification for SMBs

  1. Reduce the chance of falling victim to a cyberattack

The overall goal of Cyber Essentials is to reduce your business’s cyber risk. As the assessment covers most attack surfaces and the associated technical security controls, Cyber Essentials covers all the bases to protect from 80% of common cyberattacks. Although cybercriminals’ methods are constantly changing, these technical controls will typically stop novel attack methods, especially if they are not highly targeted attacks.

  1. Gain a competitive advantage

If you own a small business in a competitive industry, a Cyber Essentials certification can help you stand apart from the competition. Displaying the Cyber Essentials certification badge on your website and other marketing materials, shows that your business takes security seriously, and assures customers (consumer and corporate), they are less likely to have their data leaked as part of a customer data breach.

  1. Find new business opportunities

A Cyber Essentials certification is mandatory for businesses considering submitting a bid for a contract with the NHS, Ministry of Defence, and UK Government. Many private sector businesses also look for the Cyber Essentials badge of approval when seeking new suppliers.

  1. Improve credibility and reputation

The technical controls necessary to obtain a Cyber Essentials certification are relatively simple to implement, and the self-assessment is a quick and easy process. This simple and affordable certification can add significant value to your business as it improves credibility and reputation. Cyber Essentials shows that your business is committed to protecting your customers’ data and taking action to reduce the chance of falling victim to a cyberattack.

  1. Free Cyber Liability Insurance

Cyber Essentials certification automatically entitles your business to free Cyber Liability Insurance up to £25,000 of indemnity. This also enables access to a 24-hour hotline for reporting cyber incidents, crisis management, and incident response. For businesses that do not already have cyber insurance, this is a perfect option to recover from a small breach or incident. Many cyber insurance providers will also give discounts to businesses that are Cyber Essentials certified.

How to obtain Cyber Essentials certification

For businesses that are not well-versed in the world of cybersecurity, it can be difficult to implement the technical controls necessary to obtain a Cyber Essentials certification. Extech Cloud helps businesses implement the technical controls, and provides additional security services to further reduce their chances of falling victim to a cyberattack. www.extechcloud.com

* https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2022/cyber-security-breaches-survey-2022

Business Info Magazine & Site is Published by Kingswood Media 2022