Government mandates new cyber security standard for suppliers


The government is improving cyber security in its supply chain. From 1 October, all suppliers must be compliant with the new Cyber Essentials controls if bidding for government contracts which involve handling of sensitive and personal information and provision of certain technical products and services.

Cyber Essentials was developed by government, in consultation with industry. It offers a sound foundation of basic cyber hygiene measures which, when properly implemented, can significantly reduce a company’s vulnerability. The scheme’s set of 5 critical controls is applicable to all types of organisations, of all sizes, giving protection from the most prevalent forms of threat coming from the internet.

Minister for Cabinet Office, Francis Maude said:

“It’s vital that we take steps to reduce the levels of cyber security risk in our supply chain. Cyber Essentials provides a cost-effective foundation of basic measures that can defend against the increasing threat of cyber attack. Businesses can demonstrate that they take this issue seriously and that they have met government requirements to respond to the threat. Gaining this kind of accreditation will also demonstrate to non-government customers a business’s clear stance on cyber security.

Cyber Essentials is a single, government and industry endorsed cyber security certification. It is accessible for businesses of all sizes and sectors to adopt, and I encourage them to do so.” 

Related reading