Bergerode Consulting an IASME accredited Cyber Essentials and Cyber Essentials Plus certification body. The Cyber Resilience Centre is incredibly proud to work with Bergerode Consulting through our Trusted Partners group.
Based in Lancashire, Bergerode Consulting are a Cyber Security consultancy formed by Dr. Kevin Crichton, (who studied for Lancaster University's Cyber Security MSc in 2010). They aim to help organisations and businesses of any size to become more resilient by strengthening their cybersecurity defences.
The company offer a wide range of services not only encompassing Cyber Essentials, Cyber Essentials Plus, and IASME Governance, but also offer more bespoke services such as ISO 27001 Information Security Implementation and Auditing, ISO 22301 Business Continuity Implementation, Cyber Health Checks, Penetration Testing, Vulnerability Management, virtual Chief Information Security Officer (CISO) services, and Risk Management.
💡Cyber Essentials Tip: Taking Cyber Essentials will help secure your finances. Many small businesses have been hacked and lost thousands of pounds to cybercriminals and often been placed in a precarious financial position because of this. Cyber Essentials also comes with free Cyber Indemnity Insurance worth £25,000.
They have experience in working in multiple sectors with clients across the UK, Europe, and North America, ranging from multi-nationals to local charities, and are active in many areas including engineering, defence and aerospace, the NHS and healthcare and many more.
Lockdown and COVID have changed the way that Cyber Security Specialists are working, with the increased use of remote meetings. Almost all meetings are done remotely now at Bergerode, save for when they are onsite carrying out work that can't be done remotely. ‘The amount of technical work that can be done remotely has largely stayed the same though and this is largely due to the technical nature of the clients' infrastructure. The decline in travelling time has allowed us to have greater flexibility in responding to clients' requests.’
Bergerode Consulting were motivated to join the CRC’s Trusted Partners group 'We feel that the CRC has a great deal of potential to help SMEs and other organisations, such as charities, to engage with cybersecurity in a positive manner. Cybercriminals often consider SMEs soft targets because they aren’t considered prosperous enough to invest in cyber defences, and SMEs are also less likely to report attacks or engage with the Police or cybersecurity companies after any attack. The CRC has a great opportunity to act as an impartial body helping SMEs putting them in touch with cybersecurity SMEs who can provide a solution they need - SMEs desperately need assistance and guidance that’s relevant to them and their situation.’
What should a small business prioritise when it comes to Cyber Security?
Bergerode Consulting recommends that a business must be aware of the threats it faces. Once a business understands what it faces, it can then make informed choices about what to do.
Businesses should look to providing the security awareness training its staff needs to deal with such threats (like phishing) and also what security products it may need to purchase.
A business that is informed about threats stands a much better chance of meeting and overcoming these threats should they occur than a business which isn’t. Businesses which don’t prepare for the latest cyber threats may survive, but they will end up in a much worse situation than it was prior to the threat occurring.
What is the biggest myth in Cyber Security?
We asked Bergerode Consulting; What the biggest myth they've heard about Cyber Security? ‘Businesses must buy expensive hardware or software solutions to implement effective cybersecurity. They don’t. Effective cybersecurity, in my view, is first and foremost a set of positive behaviours which put cybersecurity on a solid footing. Just now, knowing what threats your business faces determines what choices you make about meeting these threats.'
Kevin continues ‘If a business faces a malware risk from staff using personal USBs in company workstations, some security companies will try to sell software to that business which controls the use of USBs, but such software can be expensive and it will certainly not address the reason why staff are using USBs, to begin with. Rather than buy such software, companies should seek to address why staff are using personal USBs and take ownership of the issue by updating the staff handbook to make use of personal USBs not permissible and also look to using existing software, e.g. Active Directory, to manage the use of USBs. This is more likely to address the root cause of the issue and deal with any risks that just buying a solution and being locked into an expensive support contract.'
“The CRC has a great opportunity to act as an impartial body helping SMEs putting them in touch with cybersecurity SMEs who can provide a solution they need - SMEs desperately need assistance and guidance that’s relevant to them and their situation.” - Kevin Crichton, CEO at Bergerode Consulting
For more information about Bergerode Consulting and their services, visit their website.