The TALL Group of Companies has gained the recently launched Government-led Cyber Essentials certification. The Cyber Essentials scheme is part of the UK Government’s National Cyber Security Strategy and provides an independent assessment of the essential security controls that businesses need to have in place to mitigate risks from web-based threats and cyber-crime.
One in four businesses reported a cyber-breach or attack in the past 12 months (Cyber Security Breaches Survey 2016, Department for Culture, Media & Sports). By successfully going through a Cyber Essentials assessment, businesses not only lower their risk of serious data and financial loss, including intellectual property theft but also, by displaying the Cyber Essentials’ badge on marketing collaterals, they demonstrate to customers and suppliers that they have taken steps to be fundamentally cyber safe.
Martin Ruda, Group Managing Director of the TALL Group, commented, “We believe we are one of the first security printer and electronic payments solutions providers in the UK to achieve this Cyber Essentials certification and I would like to congratulate our teams across the Group in achieving this standard. Our three Group sites in Runcorn, Hinckley and Lisburn exchange secure data on a daily basis and so this important Government-led initiative provides a clear focus on cyber-crime.
In addition, moving forward, because it is mandatory when bidding for a range of Government contracts, we will be in a better position to compete for this type of business.”
“As a Group, we are already implementing the standard ISO27001 that provides a specification for an information security management system (ISMS). Our ISMS outlines our Group policies and procedures for all legal, physical and technical controls that make up our information risk management processes,” he added.
According to its documentation, ISO 27001 was developed to “provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system.” As such, ISO 27001 provides a top-down, risk-based approach and is technology-neutral whereas the Cyber Essentials certification focusses attention on key areas of IT systems security and provides real assurance that the TALL Group has appropriate measures in place to secure sensitive data.
In order to pass the Cyber Essentials Accreditation, TALL had to complete a Cyber Essentials questionnaire, covering the five key elements of the Cyber Essentials programme. The TALL Group’s network also underwent an external vulnerability assessment, by QG Business Solutions Ltd on behalf of the Certification Europe body, to ensure the company had implemented sufficient and secure controls at its connections with the web and wider world.
Systems that fall within the scope of the Cyber Essential Scheme include internet connected Group devices such as desktop PCs, laptops, tablets and smartphones, and other internet connected systems including email, web and application servers.
The Cyber Essential scheme requires the following items to be put in place within the organisation:
- Boundary firewalls
- Internet Gateways
- Secure configuration
- User access control
- Malware protection
- Patch management
QG Business Solutions Ltd. awarded the certification to TALL following an evaluation of its security. “We enjoyed working with The TALL Group of Companies to help them achieve the Cyber Essentials certification and applaud their initiative and strong commitment to security,” said Brian Lightowler of QG Business Solutions Ltd. “Cyber Essentials focusses attention on key areas of IT system security and provides real assurance that TALL has appropriate measures in place to secure data. And this is a major benefit to other organisations that can also have greater confidence in cyber security if they buy from suppliers who are certified to the new standards.”