UK businesses need a minimum standard in cyber security protection, petition urges

A petition launched with the backing of IT and cyber security leaders has been launched by tech firm Evaris, to encourage the UK government to improve cyber security in British business.

The petition is intended to increase pressure on Downing Street to make the National Cyber Security Centre’s (NCSC’s) Cyber Essentials Scheme compulsory, so that businesses put more safeguards in place to offset risk of cyber-attack, and to reduce the financial bill cyber-crime currently presents to the UK economy and public. The Cyber Essentials Scheme is currently optional.

A recent study, named the Cyber Security Breaches Survey, found that less than three in ten (27% of) businesses have a formal cyber security police presence in place, while bigger firms said they suffered around 12 cyber-attacks each year. Medium-sized firms reported six attacks per year.

Taking action on the results of the survey, Manchester-based Evaris, is trying to get UK enterprise to wake up to the growing crisis situation by doing more to stop these attacks from taking place.

Creators of the petition hope that smaller firms – those with up to 50 staff – and medium-sized firms that employ between 51 and 250, should qualify for the Cyber Essentials scheme. Bigger operations, such as businesses that employ more than 250 staff, should meet the criteria for the Cyber Essentials Plus programme.

As reported by The HR Director, Solutions Architect at Evaris, Terry Saliba said:

“Data shows that more than four in ten businesses experienced a cyber security breach in the past 12 months, and these are becoming increasingly sophisticated and costly for businesses across all industries.

“Unfortunately, we still see that many firms are failing to understand the extent of this issue, and so we believe this petition is vital for establishing a compulsory baseline adhered to by all businesses.

“We’re extremely pleased to see our campaign to make Cyber Essentials compulsory for all companies has gained the support of industry bodies. These organisations see the extent of the damage caused by a lack of IT security and training on a daily basis.”

Vince Warrington, CEO of Protective Intelligence, says:

“I’m supporting the petition because I’ve had to deal with the consequences of cyber-attacks and seen the destruction they can cause.

“At the moment, far too many companies still see cyber security as a ‘nice to have’ rather than an essential part of everyday business, or feel they don’t understand what they need to do to protect themselves. But cyber-attacks are not going to simply disappear – the criminals behind them will target your business if you haven’t taken even the most basic steps to keep them out.

“By driving all companies to adopt Cyber Essentials the government can not only create a good level of basic cyber hygiene across UK Plc, but also create a regular flow of work small cyber security businesses can themselves bring onboard new staff and train them up, thus reducing the predicted shortfall in qualified cyber security experts that the country will need in the decades to come.”

Applicant businesses to the Cyber Essentials Scheme must:

-Use a firewall to secure their web connection

-Choose the strongest security settings for their devices and software

-Control who has access to information and services

-Have protection against software viruses and other malware

-Keep devices and software current


Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.