“The Information Commissioner’s Office supports the Cyber Essentials scheme and encourages businesses to be assessed against it. Protecting personal data depends on good cyber security, and the threats and challenges are getting ever more sophisticated. All too often organisations fail at the basics. This scheme focuses on the core set of actions that businesses should be taking to protect themselves, their customers, and their brand. Cyber Essentials enables businesses to demonstrate that they are taking action to control the risks”
Christopher Graham, Information Commissioner, Information Commissioner’s Office
“Increasing awareness of the cyber security threat to business is an important issue to the CBI, so we are pleased to be one of the first organisations to take part in the Cyber Essentials scheme. Business leaders will benefit from the access to helpful and authoritative cyber security guidance. Encouraging firms to adopt this scheme is a positive step towards greater awareness of cyber security and more widespread action to manage the risks”
John Cridland, Director General, Confederation of British Industry
“Cyber crime poses a real and growing threat for all businesses and small firms in particular and should not be ignored. Many businesses take steps to protect themselves but the cost of crime can act as a barrier to growth. For example, some businesses refrain from embracing new technology as they fear the repercussions and do not believe they will get adequate protection from crime. In the face of an ever increasing threat of cyber attacks, the FSB supports the Cyber Essentials scheme as an additional and important tool, designed to help reduce the risk to small firms and improve the resilience of the sector”
Mike Cherry, National Policy Chairman, Federation of Small Businesses
“AIG is pleased to support the Cyber Essentials Scheme, which provides an effective way for organisations to manage essential cybersecurity risks. As part of our commitment to the programme, we will incorporate Cyber Essentials into our risk assessment process for new cyber insurance policies, offering preferential rates to those prospective AIG clients who have obtained a Cyber Essentials Certificate as part of our commitment to superior cyber hygiene and overall cyber risk management.”
Jamie Bouloux, Cyber Liability Underwriting Manager of insurance firm AIG
“As a global leader in insurance broking and risk management, Marsh designs and delivers solutions that enable companies to protect themselves against cyber risks. We welcome this new government initiative to improve security practice to an accredited standard and believe it will make insurance more attainable for UK businesses.”
Mark Weil, Chief Executive of insurance broker Marsh UK and Ireland
“ICAEW Chartered Accountants frequently handle sensitive financial information, making data security and risk management central to the work we do. This is why the ICAEW is committed to raising standards of cyber security within the profession, and the wider business community as a whole. The Cyber Essentials scheme provides an industry standard to show that a business cares about its own data - and its customers. That’s why ICAEW worked with government and other industry professionals to develop the scheme, in order to provide a greater standard of cyber hygiene amongst all UK businesses, regardless of size or sector”
Michael M D Izza, Chief Executive, ICAEW
“Our customers depend on us to provide secure infrastructure for broadcast and telecommunications services and so we are always looking at ways to improve how we manage cyber security threats. Cyber Essentials is as relevant to large, critical infrastructure businesses as it is to organisations who face lower levels of cyber risk. In addition to our existing end to end ISO27001 certification, we are adopting the Scheme and encouraging our suppliers to adopt it as well”
Richard Beck, Head of Information Security, Arqiva
“Swiss Re Corporate Solutions supports the Cyber Essentials scheme since it defines well the basic requirements in cyber risk management and believes it will be valuable to insurers in making judgements about how well businesses are managing their cyber security risks”
Willy Stoessel, Global Head of Cyber, Swiss Re Corporate Solutions
“The Cyber Essentials Scheme will positively impact the wider UK economy by raising the bar for opportunist attackers. The scheme will identify the essential security controls organisations, particularly small to medium enterprises (SMEs), need within their IT Systems to increase their cyber resilience. It will also help SMEs improve their cyber posture and give them confidence that they are beginning to mitigate cyber risk.”
James Nunn-Price, UK cyber partner at Deloitte
“HP welcomes the introduction of this Scheme as it provides a clear means to demonstrate our own technical cyber safeguards are in place and and a means to assess and assist our supply base. We will seek to help our SME community to undergo their own registration”
Andy Thornton, VP COO & SIRO of HP UK Public sector
"IRM regularly sees the damaging commercial and personal consequences of weak cyber security. As an early adopter of Cyber Essentials ourselves, we’re keen that as many organisations as possible start implementing its principles at the earliest opportunity."
Jeremy Harrison Interim Chief Executive, Institute of Risk Management
"BIBA see the launch of Cyber Essentials as a welcome development in the practice of cyber risk management. Cyber Essentials will help our members better assess clients looking for insurance cover and help those clients implement basic technical protection in their business."
Graeme Trudgill, Executive Director of the British Insurance Brokers Association (BIBA)
"The International Underwriting Association supports the Cyber Essentials Scheme as a basic standard in line with promoting good risk management and raising awareness of cyber risks."
International Underwriting Association (IUA)
"We have all seen various presentations and articles about the development of the Cyber Essentials scheme - if not, where have you been? On seeing the list of five controls, I did ask "is that all? - we need 10 Steps to do Cyber?" Was it worth it? Time will tell about the success of the overall scheme, but I learned a number of things while doing it. It forced me to look in detail at my business, rather than taking things for granted - "I do IT security so we must be okay". There is also the pleasure in talking to other larger security companies and asking them, "If it is so basic, why they are not certified?"
Ed Moses, CLAS consultant Specialist Industries Limited