Achieving Cyber Essentials Plus Certification

"GKR is the largest scaffolding contractor in London and the South-East, working on epic projects such as Battersea Power Station and many of London’s skyscrapers and heritage buildings. Our reputation has been built on safety, innovation and our ability to work in complex environments.

Our role on site is to build access in even the highest risk environments, so that every other trade can work safely and productively.

Over the last 10 years, GKR has been recognised by the industry as leading the way in training, innovation, and health, safety and wellbeing.

We were recently named as Specialist Contractor of the Year 2022 at the Construction News Awards.

We are an owner operated business with over 250 members of staff working across more than 40 construction projects in the region, turning over £28m per year. Our clients include some of the largest contractors in the UK such as Mace, ISG, Sir Robert McAlpine and Wates."

Cyber Essentials is a security standard backed by the UK Government. It's regularly required to tender for government & private sector projects, and ensures best practices are followed to prevent 80% of cyberattacks.

There are two levels of Cyber Essentials; the basic certification and the Cyber Essentials Plus certification. The difference between the two levels of Cyber Essentials is that Cyber Essentials Plus goes one-step further and verifies that the five key controls are in place and working with a vulnerability scan.

GKR Scaffolding first needed to complete the basic Cyber Essentials certification before being able to take the Cyber Essentials Plus assessment.

The certification requires security measures like multi-factor authentication and strong passwords to be in place. Fortunately, the company already had strong cybersecurity protocols, which made achieving Cyber Essentials fairly easy.

Impreza IT had spent extensive time securing the company's network and ensuring that all vulnerabilities were remediated. As a result of this, the external assessment carried out by the Cyber Essentials Plus assessor was passed with relative ease.

The end result was not only reassurance for the company that its IT infrastructure was indeed as secure as believed, but also increased confidence from clients that the company adhered to the highest standards of security and handling of sensitive data.