New Research: Monday 20th November 2023
The majority of recruitment firms do not align with the Government’s minimum level of cyber security standards, a new study by recruitment-specialist IT services company Atlas Cloud has found.
Teaming up with APSCo, Atlas Cloud cross-referenced the leading industry body’s member portfolio with IASME’s official website of published Cyber Essentials certifications. Of the 584 recruitment agencies, just 15% had been certified within the last 12 months.
Cyber Essentials is a simple self-assessment accreditation process that the Government introduced in 2014. It’s designed to help UK organisations confirm they have a minimum level of cyber security protection in place, with the accompanying certification helping businesses demonstrate externally that they take data protection seriously.
The UK Government recommends (and in some cases mandates) Cyber Essentials certification for public sector contracts, meaning 85% of agencies are making themselves unfavourable for public sector work.
Moreover, the study raises questions about the seriousness of the industry’s desire to protect the personally identifiable information of its candidates. Agencies pride themselves on their ability to harness this valuable data – often including IDs and payroll data when providing temp services – yet seem unwilling to demonstrate their due diligence externally through what is widely considered to be the most basic and lowest-cost accreditation.
It is not clear from this study if agencies are choosing to manage cyber defences in ways other than aligning with the Cyber Essentials standard. Separate research from Atlas Cloud earlier this year did, however, uncover widespread security loopholes across the industry – including finding evidence of one or more breached employee passwords at over three-quarters of agencies.
Breaches in the recruitment and staffing sector are particularly harmful due to the importance of data in the industry. Atlas Cloud’s case study from last year details the knock-on effect a breach has on an agency’s reputation.
Pete Watson, CEO of Atlas Cloud, offers some advice to recruitment bosses:
“If you’ve already sorted the basics, Cyber Essentials is an easy accreditation to achieve – unlocking your agency to more public sector roles and arming consultants with another reason to choose them.
“If you’ve not [sorted the basics], you’re carrying a level of risk that I don’t believe any individual would be comfortable with if well-informed on the subject.”
Pete Watson – CEO, Atlas Cloud
Atlas Cloud is currently offering £100 off Cyber Essentials certifications until the end of the year. An APSCo Trusted Partner and REC Business Partner, Atlas Cloud is a recruitment-specialist managed IT and cyber security services provider – helping agencies large and small scale faster with fewer risks.
GET CYBER ESSENTIALS CERTIFIED
To celebrate our latest research, we’re offering recruitment agencies £100 off Cyber Essentials certifications until the end of the year.