Cyber Essentials
Start your Cyber Essentials (CE) journey now from £200 (plus VAT)!
We can provide CE Basic and Plus (CE+) certifications. If you need additional help, why not try our CE Basic or CE+ ‘assisted’ packages? We can also help you to implement and maintain the required controls standard with ‘virtual security manager’ services. Get in touch for pricing tailored to your specific needs.
Cyber Essentials (CE) is fast becoming the benchmark expectation for suppliers on government and defence contracts. Originally launched in 2014 by the National Cyber Security Centre (NCSC), it provides an accessible way for companies of all sizes to demonstrate their commitment to cyber security through a recognised and government-backed standard.
What does Cyber Essentials cover?
Within the Cyber Essentials scheme, there are five control categories which cover the five most-prominent cyber risks that affect organisations. These controls include the following:
A firewall should be in place between the Internet and your organisation’s internal network. This firewall should be securely configured and be reviewed regularly.
Devices and software should be configured securely to prevent them from being compromised by a malicious user or malware. Default passwords should be changed, and all passwords should be suitably complex to prevent them from being guessed. All unnecessary software should be removed from end-user devices.
Access to your organisation’s data should be controlled through correctly assigned user accounts. Administration privileges should be tightly controlled, and administrative rights should only be granted to users who have a genuine, business need for this level of access.
A robust anti-malware solution should be applied to prevent servers and end-user devices from being infected with malicious software. Cyber Essentials allows this to be achieved through conventional anti-virus software, application white-listing or by running applications in “sandboxed” environments.
All security updates and patches should be applied to devices and installed software. This ensures that security vulnerabilities are fixed and reduces the likelihood of devices and applications being compromised by a malicious user or malware.
The assessment process includes an online questionnaire which captures information to demonstrate that the five controls are in place. Once the questionnaire has been submitted, we will examine the responses to ensure that these are line with the list of requirements produced by the NCSC (National Cyber Security Centre). If successful, you will be awarded Cyber Essentials certification. This takes roughly 36-48 hours.
What are the benefits of Cyber Essentials certification?
Being Cyber Essentials certified demonstrates that your organisation has a fundamental understanding of cyber security. Cyber Essentials is a requirement for many Government contracts, being Cyber Essentials certified increases your eligibility to tender for sales into UK government departments.
Once you’re certified, we will provide you with a toolkit so you can use the logo on your website and company collateral – this is a great way to show your customers that you are a safe and secure organisation to work with.
