intelligent
// FEATURE //
cCan you give us an overview of IASME and its core aims ?
IASME was founded on the principle that basic cybersecurity is an essential requirement for the supply chains of all organisations . It all started with the IASME Governance standard , first developed through a UK Government funded project to develop an alternative to ISO27001 for small companies . Since then , IASME has championed the interests of SMEs and has been especially successful at engaging micro and small organisations in cybersecurity education and improvement .
IASME helped write what would become Cyber Essentials , the UK Government basic level certification scheme , and worked to develop and co-deliver the scheme for several years . Following a commercial tender process in April 2020 , IASME was chosen by the National Cyber Security Centre ( NCSC ) to take over full responsibility for Cyber Essentials delivery and became the government ’ s Cyber Essentials Partner .
Today , IASME works alongside a network of more than 250 certification bodies across the UK and Crown Dependencies to help organisations of all sizes protect themselves against cyberattack and fraud . IASME is committed to helping businesses improve their cybersecurity , risk management and good governance through an effective and accessible range of certifications .
Already this year , IASME has launched two new schemes : the IoT Security Assured scheme for certifying Internet of Things ( IoT ) products , and the first of its kind , Counter Fraud Fundamentals scheme , developed in partnership with the Open Banking Implementation Entity for certifying organisations that have the most important counter fraud controls in place .
IASME is also proud to celebrate diversity and inclusivity . Its team is one of the most gender and neuro-diverse within the sector , with flexible working conditions a norm years before working from home became a necessity . The company is headed by , and 60 % owned by , women and the board of directors is 50 % female . Also , 40 % of the management team is female and 68 % of the employees are identified as neuro-diverse .
What are some of the main cyber-risks to SMEs ?
More businesses than ever operate online with their services accessible digitally . The pandemic is said to have advanced our dependency on the digital world by 10 years due to the closure of shops and remote working . This has meant an increase in the very significant threat of cybercrime which affects almost every modern business . The threat could mean anything from a virus affecting how a computer operates to loss of access to all data in ransomware attack . The worst case for most businesses would be the loss or damage of personal data which could result in an investigation by the ICO .
The majority of cyberattacks are untargeted and use freely available tools which are simple to use but can affect many thousands of businesses or individuals in one go . For example , 90 % of cyberattacks start with an email commonly known as phishing emails . These untargeted attacks exploit basic weaknesses that can be found in many organisations such as poorly configured systems , software that hasn ’ t been updated and old computer systems that are no longer supported by their suppliers .
The Cyber Essentials controls will help an organisation defend against this type of attack . Cyber Essentials consists of five simple controls that will reduce the impact of common cyberattack approaches by up to 80 %. Cyber Essentials is not only simple , it is low cost . For many businesses , the protections they need to put in place are probably already there , they just need to be switched on .
Even if a business has some basics in place , cybercriminals can find their way in by using the weakest link in the chain . Some of the most publicised attacks have been as a result of a breach in the business ’ supply chain and businesses should think that they are as strong as their weakest link .
An important fact to remember is that only about 5 % of cybercrime is targeted – the rest is indiscriminate and opportunist . IASME Governance is a comprehensive yet affordable risk-based standard for SMEs that covers the five core controls of Cyber Essentials as well as additional best practice information security
“
THE PANDEMIC IS SAID TO HAVE ADVANCED OUR DEPENDENCY ON THE DIGITAL WORLD BY 10 YEARS DUE TO THE CLOSURE OF SHOPS AND REMOTE WORKING .
Intelligent SME . tech 29
. tech