Cyber Essentials

Cyber EssentialsWhat is Cyber Essentials?
Cyber Essentials is an independently verified self-assessment certification which gives your business the protection against the most common cyber attacks.

The Cyber Essentials scheme was introduced in 2014, following government concern that organisations needed to better protect themselves against low level, low sophistication cyber attacks.

By achieving Cyber Essentials certification you are demonstrating your commitment to cyber resilience for your customers and staff.

Cyber Essentials is a simple and effective Government-backed scheme, supported by the Cyber Resilience Network and our trusted partners. Completing this certification helps you to put measures in place to protect your organisation, regardless of size or sector, against a range of the most common cyber-attacks. 

Is Cyber Essentials for you?
As our reliance on the internet has increased, so too has the threat of cyber and internet-enabled crimes.

All businesses and organisations are a potential target of an attack, particularly if they do not take some simple precautionary measures to protect themselves. Any company with an IT network that relies on the internet could be at risk of attack and computerised systems for payroll, marketing (via social media or a website), booking systems, customer databases including payment details or other sensitive information could be compromised. Of course, this does not just affect business. Cyber-attacks are a real risk to the third sector as well, from the small, locally run playgroup that holds a database of children’s names and addresses to larger charities delivering services to vulnerable adults.

The majority of cyber-attacks exploit basic weaknesses in IT systems and software. Most organisations would struggle to operate effectively if they lost access to their data or were not able to send or receive e-mails. By focussing on basic cyber hygiene, Cyber Essentials control measures show how to address those basic weaknesses and prevent the most common internet borne attacks.

There are two levels of certification that can be achieved with Cyber Essentials.


Cyber Essentials LogoCyber Essentials

This first tier challenges your organisation to assess against five basic security controls and a qualified assessor will then verify all the information you've provided. This assessment includes Access Control, Secure configuration, Software Updates, Malware Protection and Firewalls.

By achieving the Cyber Essentials certification, you can:

  • Give a clear picture of your organisation’s cybersecurity level.

  • Attract new business with the promise you have cybersecurity measures in place.

  • Reassure existing customers that you are working to secure your IT against cyber attack.

  • Be prepared for any Government contracts that require Cyber Essentials certification.

You can achieve your Cyber Essentials certification with the help of our Trusted Suppliers.


Cyber Essentials PlusCyber Essentials Plus

Cyber Essentials Plus is the second tier in your Cyber Essentials journey, this second stage involves a technical audit of your systems by independent professionals. By achieving this certification you are providing a higher level of assurance that your organisation has a strong cyber resilience regime with correctly implemented controls in place to maintain a robust defence against cyber-attacks.

By achieving the Cyber Essentials Plus certification, you can:

  • Demonstrate your cybersecurity commitment by displaying the Cyber Essentials Plus certificate and badge on your website and marketing material.

  • Attract new business with the assurance that your cybersecurity measures are in place.

  • Apply for government contracts that requires Cyber Essentials Plus certification.

You can achieve your Cyber Essentials Plus certification with the help of our Trusted Suppliers.