Silverstone Park company EDM Precision Technologies has boosted its chances of continuing to land major manufacturing contracts in areas such as aerospace, defence and nuclear by investing in the latest Government-led procedures in cyber security.
The company is one of the very best in the UK in wire and spark erosion – an application that cuts metals to create incredibly complex and intricate designs as supplied by clients.
Like many high-tech SMEs in the Silverstone Technology Cluster, EDM is relied on by major industries, such as automotive, aerospace, defence, F1, marine, medical, nuclear and oil and gas.
To enhance its offering, it has put in place new IT security systems to earn Cyber Essentials Plus certification from the Government.
As Managing Director Paul Waldron explains: “It’s all about protecting data, whether it’s yours or that of a customer – IP, customer lists, financial information, quotations, pricing… All these elements are so important to your own business so you do not want it getting into the wrong hands.
“In many ways SMEs are at greater risk than the bigger companies because they don’t have lots of in-house IT professionals to support them.”
Paul is quick to point out the consequences of not being prepared for an attack by hackers.
He adds: “It could be someone ‘phishing’, analysing your keyboard behaviour and then holding you to ransom by getting onto your system and locking you out from files on your computer system. You wouldn’t be able to work and this is something that is really happening – look at what’s just happened to the NHS.
“I’ve seen statistics showing the cost of cyber-crime being put at £280 billion a year worldwide – £11b of that is in the UK. These are crazy numbers with a lot of small companies being affected, not just large businesses.”
Having stood out as a company that can serve the highly sophisticated, never-ending demands of F1, EDM increasingly become the place for companies in other sectors to turn to… Indeed, they now account for around 80 per cent of EDM’s workload, with one area standing out in particular.
“Defence and other Government contracts make up a growing element of our work,” continues Paul. “Cyber Essentials certification is now mandated for all UK central civil government contracts.
“This in short, means that you can forget about winning MOD and other sensitive Government work if you don’t have as a minimum Cyber Essentials certification. And if you deal with official sensitive and above data then Cyber Essentials Plus is required and that is what we’re achieving.
“Ultimately when we are sure we’re ready a Government-approved third party will be tasked with trying to penetrate our IT systems; if they fail we will be able to achieve Cyber Essentials Plus.”
EDM’s decision to increase online security is borne out of both responsibility and necessity if it is to maintain its levels of excellence. So, what’s involved?
Paul concludes: “I recommend that small businesses visit the excellent Gov.co.uk Cyber Essentials website and follow the guide – it is quite involved, will take some time and is likely going to change the way you maintain and protect your IT systems, in addition to ensuring you have encrypted data storage.
“It will also probably involve putting in place better processes and procedures regarding things like two-step verification of passwords, IT access removal when employees leave, the use of USB devises and more.
“Improving IT security will take some effort, but it’s not difficult. It is really about good practice, thinking how you do stuff and making sure you keep info secure.
“We take security of our assets and that of our customers really seriously and I would suggest other businesses do the same and protect themselves against the massive impact of cyber crime.”