Emplas has achieved Cyber Essentials Accreditation recognising the steps towards securing its IT systems against cyber-attack as part of a quarter of a million-pound investment in its IT systems.
The Government-backed National Cyber Security Centre (NCSC) scheme is designed to support businesses in protecting themselves against cyber-attack including ransomware and viruses.
Following an eight-month programme of investment including a major upgrade of its network, servers, power supplies, virus software – and most importantly cultural change – Emplas was awarded the accreditation in December last year.
Stuart Chadwick, head of IT, Emplas, said: “Our business and the service we offer to our customers is built around our IT infrastructure, connecting our portal EVA and the tools our customers access daily to our production systems, our factory floor and right through to distribution.
“Protecting that against a backdrop of a growing number of cyber-attacks, including many on our own industry, including us, is incredibly important in safeguarding our business and our customers’ supply chain.”
According to the NCSC 2021 annual review the number of ransomware attacks – where hackers extort organisations for the return of stolen data – was three times higher in the first quarter of 2021 than in the whole of 2019.
This included Emplas, which was among a high-profile window and door businesses to be targeted in a ransomware attack in March 2021.
Although contained within a 12-hour period, Emplas lost workstations and access to data, providing even more impetus to a programme which started in late 2020. The NCSC scheme provides a great framework through which press can be measured.
“Everything has been rebuilt from the ground-up. It’s new. Every server, every computer is running current anti-virus software, the latest versions of software and all the latest patches,” Stuart said.
“The cultural change has been equally as important. We have far better password discipline, two factor authentication, automatic locking of computers. Colleagues now constantly demonstrate alertness to threats such as email attachments etc.
“It’s about striking a balance between not inconveniencing people or putting things in the way so that IT becomes an obstacle versus the need for high levels of security.
“The Cyber Essentials Scheme is very useful in working through things in a very practical way while delivering a step change in security.”
According to figures from the NCSC Cyber Essentials accredited certified companies cut their risk of cyber-attack by 98.5%.
