Mercian Labels secures Cyber Essentials Plus
Mercian Labels has been accredited to the highest ‘plus’ level of the leading UK Government endorsed Cyber Essentials Plus (CE+) security standard, demonstrating that the company has robust procedures and protections in place and its manufacturing facility is resilient against cyber-attacks.
Cyber Essentials Plus is a UK government-backed scheme independently verified by an accredited external penetration tester who conducts a series of technical assessments across various attack vectors to ensure the company is sufficiently protected. These include boundary firewalls, secure asset configuration, internal vulnerability scans, MFA enforced accounts, patch management, user access controls, malware protection, and mobile assets.
‘Cyber-attacks are becoming more sophisticated and frequent today, and the technical controls you need to deliver a resilient manufacturing platform in labeling are very challenging,’ said Dr Adrian Steele, managing director of Mercian Labels. ‘We started our journey towards this standard two years ago and are delighted to have now achieved the highest Cyber Essentials Plus standard, building our basic Cyber Essentials certification in 2021.
One of the Mercian Labels’ biggest customers drove the company to accredit to the top CE+ standard as the profile of high volume variable barcode labeling is particularly sensitive.
The assessment included cyber security hackers trying to breach the company’s cyber defenses in many different ways, including firewall penetration tests, email malware, malicious browser downloads, and internal vulnerability scans probing for weaknesses. Many computers were ‘attacked’ in many different ways, and all passed the assessment.
‘It’s a big step up from the basic Cyber Essentials standard. It was particularly tough to ensure compliance on our large printing and converting machines with built-in operating systems using ‘Industry 4.0 smart factory’ connections to our network and ERP systems, as these are typically built to be standalone machines and not configured to be on a secure network and resilient to attackers,’ added Steele. ‘Enforcing multi-factor authentication for all our users and systems was also a new requirement on our staff across the business. Our team has a broad spectrum of abilities in IT, like any organization, and MFA for system access was new for some.
‘This independent certification sets us apart from our competitors in the market and shows Mercian Labels’ customers and other stakeholders that we take the security of our information and theirs very seriously and are highly resilient against a crypto locker and other potentially catastrophic attacks.’
Stay up to date
Subscribe to the free Label News newsletter and receive the latest content every week. We'll never share your email address.
