Question to the Department for Digital, Culture, Media & Sport:

To ask the Secretary of State for Digital, Culture, Media and Sport, pursuant to the Answer of 11 July 2017 to Question 1540, on small businesses: cybercrime, what steps the Government is taking to improve uptake of the Cyber Essentials scheme among small and medium-sized enterprises.

Cyber Essentials is a key part of the wider set of guidance offered to small and medium-sized enterprises (SMEs) by the National Cyber Security Centre (NCSC), the Cyber Aware campaign and other Government partners, such as law enforcement. Currently, on Cyber Essentials the Government is:

• working with the NCSC to engage with industry partners and trade organisations to promote the benefits of Cyber Essentials;
• renewing procurement guidance stating that Government suppliers which handle sensitive data or supply certain IT products and services must hold a Cyber Essentials certificate;
• working with major businesses, including FTSE 100 companies, to encourage take-up of Cyber Essentials amongst their supply chains;
• about to start a short marketing campaign which will run this summer encouraging SMEs to take up the scheme.

The NCSC is taking a number of steps, with partners, to protect SMEs and their customers from the harm caused by cybercrime. This includes the provision of entry-level advice to SMEs. NCSC is taking forward work to help SMEs better understand the benefits and how to achieve Cyber Essentials certification.