Consult MB Ltd

Following the headline-dominating ransomware attack on Blackbaud earlier this year, the threat charities are under has never been more real. With employees increasingly working from home, ensuring charities are cyber secure is now more important than ever.

With this in mind, the IASME Consortium, the recognised partner for the Government-backed Cyber Essentials certification scheme, is launching a week-long campaign in November aimed at encouraging registered charities to improve their resilience to online threats.  Alongside their participating licensed partners, the IASME Consortium is offering discounted certifications on two of their schemes, Cyber Essentials and IASME Governance, which will help charities demonstrate that they have effective and recognised best practice and protections in place.

As a licensed certification body, Consult MB Ltd is pleased to be offering a discount on both certifications to charities for the week 2nd-6th November 2020. The discounted rates are as follows:

Cyber Essentials          – £225 plus VAT (a 25% discount)

IASME Governance     – £250 plus VAT (a 37.5% discount)

Through this campaign, we are hoping to raise awareness to charities of the cyber threats they may face and how they can combat them by putting the right procedures in place for their organisations. To find out more and to register your interest, please contact us directly for more information.

ImmuniWeb a company specialising in Artificial Intelligence in the security world have published a report “State of Cybersecurity Industry Exposure at Dark Web”. It’s a scary read. Leading global cyber security companies report some shocking figures about data leaks and information appearing on the Dark Web. What’s particularly concerning is the continued use of weak passwords, and identical passwords used across many different systems. A password of “password” was the most commonly found. Ho hum.

When we consider addressing cyber risk we often focus on mitigation. Sometimes we avoid the risk or simply accept the risk. Another option is to transfer the risk, and typically this means insurance. The National Cyber Security Centre (NCSC) has recently published some guidance for organisations thinking about cyber insurance. Whilst stressing that insurance will not prevent cyber security incidents…the NCSC make the point that some insurers will give discounts when you can demonstrate that you take cyber security seriously and have basic defences in place. Cyber Essentials and Cyber Essentials Plus certification are identified as evidence of this.

As a Cyber Essentials & Cyber Essentials Plus Certification Body we provide training, advice/consultancy and certification services across the whole of Somerset, Bristol, and surrounding areas. If you achieve Cyber Essentials with us you may be eligible for cyber liability insurance offered as part of the certification. Please check out the IASME Consortium (NCSC’s Cyber Essentials Partner) FAQ for more details.

In response to COVID-19, on July 13^th the NCSC added a “Home and Remote Working” exercise to their great free resource “Exercise in a Box”.

Like most of their other exercises, this 30-60 minute session is also a ‘table top’ exercise, based around discussions prompted by NCSC discussion points. The exercise is aimed at small to medium size businesses, you can check it out here: https://www.ncsc.gov.uk/information/exercise-in-a-box

As a Cyber Essentials, Cyber Essentials Plus, and IASME Governance certification body it is important that our customers know that we practise what we preach and that we meet or exceed the same standards that we expect from them. It’s equally important that we understand the effort and time it takes for small to medium size enterprises to achieve certification.

As such, we re-certify in both Cyber Essentials and IASME Governance every year. It’s not just a copy and paste of last year’s answers either! We strive to evolve and improve our security processes and incorporate the latest technical guidance and advice wherever possible.

Re-certification is a good time to review everything we do, and to remind ourselves that achieving the certification is a non-trivial task for both us and our customers.

The coronavirus lockdown presented many new challenges to small-to-medium sized organisation. Not least in the sudden change in the way we use IT with increased home working. As such, in April, Consult MB Ltd offered free external vulnerability scans to all local charities, and to the first 25 local businesses that requested it.

We’re pleased to announce that we’re extending the scheme for the next month, with free vulnerability scans for local charities and volunteer organisations. If you’re interested, please get in touch via our contact us page.

Effective security against the most common Internet based cyber threats just got clearer!

1 April 2020 marks the launch of The IASME Consortium becoming the National Cyber Security Centre Cyber Essentials Partner.  #CyberEssentials is a Government backed scheme which has proven to be popular and successful with organisations seeking to protect themselves against the most common online cyber threats. 

To deliver regional support to customers throughout the UK, IASME will continue to deliver the scheme via approved regional Certification Bodies (CBs).  Consult MB Ltd can announce that we continue into this new era as an IASME approved CB.

Consult MB Ltd supports clients throughout Somerset, Bristol, Gloucestershire and South Wales. We do venture further afield from time to time as well! For more information about, or to apply for, Cyber Essentials please have a look at our Cyber Essentials webpage.

NCSC have put out an updated blog concerning Cyber Essentials:

https://www.ncsc.gov.uk/blog-post/cyber-essentials-countdown-to-partnership-launch

and also updated their Cyber Essentials FAQ:

https://www.cyberessentials.ncsc.gov.uk/strengthening-developing-the-ce-scheme

Consult MB Ltd is pleased to confirm, in terms of both the new technical Pen Testing requirements, and the new quality requirements, that we are ready for the 1 April Cyber Essentials changes. Our customer base across Somerset, Bristol, and surrounding areas continues to grow as we provide cost effective cyber security solutions and Cyber Essentials/Plus certification to our clients.

We didn’t find the time to go to Davos this year…but the World Economic Forum have included cyber security in their Global Risks Report 2020 https://www.weforum.org/agenda/2020/01/top-global-risks-report-climate-change-cyberattacks-economic-political/

Cyber security risks feature in both their Long-Term and Short-Term Risk Outlooks.

The unfortunate fact is that many cyber-attacks do not discriminate between huge global corporations and the type of small to medium size businesses that Consult MB Ltd supports in places like Bridgwater, Bristol, Cardiff, Clevedon, Dursley, Davos…no, not Davos, but you get the idea.

If you need any help or advice with your cyber security please contact us.

In amongst the Black Friday/Black Monday/every day of the week/year sales…was ‘Small Business Saturday’ on December 7th. The NCSC supported the day by releasing a series of ‘bite sized’ videos that outline their response and recovery guidance for small businesses. You can find the videos here: https://www.ncsc.gov.uk/collection/small-business-guidance–response-and-recovery/video-collection

The NCSC have more essential guidance for small business here: https://www.ncsc.gov.uk/collection/small-business-guide

At Consult MB Ltd we love an informative cyber security video. You probably won’t find the NCSC releasing it, but check out this seasonal clip from Christmas 2014 by the Security Awareness Company https://www.youtube.com/watch?v=4z5TpZvTcg4

If you’re a small to medium sized business in Bristol, Somerset, or nearby, then please contact us if you have any needs for cyber security awareness training, for implementing robust policies and technical controls, or if you want to gain Cyber Essentials / Cyber Essentials Plus certification.