Does your company need Cyber Essentials to win new business contracts?

Updated: Oct 15, 2021

Thought leadership from Trusted Partner DigitalXRAID

Does your company need Cyber Essentials to win new business contracts?

Earlier this month the Government updated their procurement frameworks, summarising those that have been awarded, extended, or expired.

Within the government procurement portal, it further outlines the ‘want’ for SMEs to tender for government business, to assist in helping the public sector buy, design, build and deliver digital projects. But in order for SMEs to tender for a government contract, they are required, in most part, to have a Cyber Essentials certification in place prior to the procurement process. This shows that the SME meets supply chain obligations and can progress with the tender. Cyber Essentials is a UK government-supported scheme that was developed to help organisations protect themselves against cyber threats, supporting the National Cyber Security Centre’s objectives to:

· make the UK one of the most secure places in the world to do business in cyberspace;

· make the UK more resilient to cyber-attack and better able to protect our interests in cyberspace;

· help shape an open, vibrant, and stable cyberspace that supports open societies;

· build the UK’s cyber security knowledge, skills, and capability.

The certification offers a foundation of basic cyber hygiene measures, which can significantly reduce a company’s vulnerability and reduce the levels of a cyber security risk in the government’s supply chain.

Suppliers that do not have a Cyber Essentials certification will be unlikely to tender for any public sector contract. Those who have the correct cyber certification in place prove they have committed to strengthening their digital infrastructure against the ever-imminent threat of cybercrime and meet the outlined government cyber security standard.

The contracts that require Cyber Essentials as a necessity to tender are those involving the handling of sensitive and personal information, and provision of certain technical products and services.

Put simply, a Cyber Essentials certification is required when:

1. Personal information of UK citizens, such as home addresses, bank details, or payment information is handled by a supplier.

2. Where personal information of Government employees, Ministers and Special Advisors such as payroll, travel booking, or expenses information is handled by a supplier.

3. Where IT systems and services are supplied which are designed to store, or process, data at the official government level of the Government Protective Marking scheme.

For any SME that wishes to bid for government contracts, it’s best to start with the correct certifications that enable you to throw your hat in the ring.

Even if government contracts are not your target, cyber security is not something that can be dismissed. In the past twelve months, 48% of UK businesses have reported a cyber security breach or attack, 68% of which were SMEs. A Cyber Essentials certification is a low-cost method to show that your business understands the requirement to keep their customers data safe, and has policies, procedures, and protection in place to do so.

DigitalXRAID is an award-winning provider of cyber security services. Specialising in Cyber Essentials and using a combination of people, expert knowledge and technology to always stay one step ahead of the criminals. Our clients are confident in the tailored support and protection they receive by having DigitalXRAID on their side.

Endorsed by and partnered with the NEBRC, we work with thousands of UK businesses to help them achieve their Cyber Essentials certification. We work to support your organisation achieve what’s required to win new business contracts and instil trust in stakeholders, proving that you do everything you can to ensure customer data and infrastructure is protected.

For further information visit: