What is the difference between the the NCSC Cyber Security Small Business Guide and Cyber Essentials

Launched on the 11th October you may have already seen in business headline the new 'Small Business Guide' from the National Cyber Security Centre (NCSC).

It's been getting a lot of press, and rightly so for something that may help in part to save your business from a cyber-attack, so what is it, and how does this differ from the Cyber Essentials scheme, also run by the NCSC?

What's the Small Business Guide?

This guide is billed as the quick, easy and low-cost way to improve your businesses cyber security, and it comprises of 5 key areas of advice.

1.     Backing up your data

2.     Protecting yourself from Ransomware

3.     Keeping your Smartphones (and tablets) safe

4.     Using passwords to protect your data

5.     Avoid Phishing Attacks

I'm not going to run down all the tips they provide under these sections, but provide an explanation of the difference between the two schemes as there has been a bit of confusion among some people who have contacted us about the latest advice.

So, the Small Business Guide is just advice, the absolute minimum of what you should be doing to protect your business and advice is all well and good if you follow it continuously!

What's Cyber Essentials?

Cyber Essentials is a way of testing these basic (and other) controls you have in place and a certification method (with CE+) to have it independently verified so you can tell the world that you have.

In our opinion the Small Business Guide is most probably more suited to the very smallest of business such as sole traders, where for any business employing staff you should just jump straight to Cyber Essentials.