Supply Chain Assurance
A cyber breach in your supply chain can have devastating effects on your business.
Secure your supply chain with government-backed certification scheme, Cyber Essentials.
Cyber security assurance in the supply chain
Unaddressed risks can become supply chain threats.
There has been a significant increase in cyber attacks resulting from vulnerabilities within supply chains, including some high-profile incidents. This may be because many organisations struggle to review the risks posed by their immediate suppliers effectively. A lack of assurance tools, insufficient expertise and a lack of visibility have been seen as significant barriers to managing supplier cyber risk. That is where Cyber Essentials can help.
Cyber Essentials as a supply chain tool
Cyber Essentials was introduced by the UK Government in 2014 as a way for organisations of all sizes to effectively address their cyber security. The annually renewable certification scheme is centred around five technical controls that, if implemented correctly, will protect any organisation from the majority of common internet-based cyber attacks including ransomware.
Cyber Essentials provides a tangible way for organisations to gain confidence that their suppliers, or other third parties, have effectively implemented fundamental technical controls that can protect against the majority of untargeted, commodity attacks. Requiring certification can play an important role as an assurance tool to help organisations gain confidence in their suppliers and increase visibility into their supply chains.
Benefits of using Cyber Essentials as a supply chain tool
Confidence that a supplier has technical controls in place
A Cyber Essentials certificate demonstrates that a supplier has technical controls in place to protect them from common attacks; other standards or certifications do not necessarily provide this specific assurance.
Affordable and achievable for all organisations
Though there is a cost attached to achieving Cyber Essentials, it is comparatively inexpensive. Other certification schemes are significantly more costly, thus making them unattainable for many organisations.
Requiring evidence of standardised minimum expectations reduces the time spent assessing suppliers. It is also helpful for the suppliers themselves, who benefit from clear, tangible expectations rather than responding to long and complex or duplicate questionnaires.
A dependable tool for global supply chains
Any organisation from any geography can get Cyber Essentials, making it a useful tool in gaining confidence in the cyber security of global suppliers.
Verify Cyber Essentials certifications across your supply chain
The Cyber Essentials Supplier Check Tool allows organisations to drop a large list of suppliers into a bespoke search function and find out which suppliers are certified to either Cyber Essentials or Cyber Essentials Plus.
Securing your supply chain with Cyber Essentials
Organisations who require their suppliers or other third parties to have Cyber Essentials are proven to reduce the number of cyber incidents across their network.
One of the UK’s largest pensions & life companies, St. James’s Place asked its partnership network of over 2,800 independent businesses to certify to Cyber Essentials Plus.
“In such a large supply chain, this had its challenges, but the decision is already showing a positive impact. Security incident numbers have significantly reduced… we have seen around 80% reduction in cyber security incidents, which directly correlates to controls and best practice implemented through Cyber Essentials.”
Matthew Smith, Divisional Director of Cyber Security, St. James’s Place
IASME Supplier Check
The IASME Supplier Check is a platform created for large organisations to check the Cyber Essentials and Cyber Essentials Plus certification of large numbers of their suppliers and contractors. This tool is solely for the use of checking certification within a supply chain and organisations wishing to use it must go through a verification process and pay an annual fee.
To apply for the Supplier Check, please click below.