Cyber Essentials

We offer a variety of packages starting from £320 + VAT.

Request a quote today for more details.

Cyber Essentials is a UK Government standard for technical controls to help organisations improve the level of IT infrastructure security and guard your organisation against cyber attack.

This scheme is designed to help organisations prevent highly common internet-based attacks and to implement the correct controls to protect the confidentiality, integrity, and availability of stored data on all internet-facing devices.

There are several benefits to becoming Cyber Essentials certified. It also depends on the industry sectors you work within as some government contracts require Cyber Essentials certification as a minimum.

Becoming Cyber Essentials certified confirms you are addressing cyber security effectively and mitigating the risk from internet-based threats and have met the standards set by the Cyber Essentials scheme. Certification will give assurance to stakeholders that you demonstrate compliance to the five key controls, protecting your organisation against cyber threats and this reassurance may help with winning new business.

• Protecting your organisation against the majority of common cyberattacks demonstrates to stakeholders your commitment to keeping their data secure which can lead to business retention and potentially new business.
• By having a higher level of security of your systems it will help drive business efficiencies throughout your organisation which helps improve productivity through streamlined processes and reducing operational costs.
• Bid for UK central government contracts that involve the handling of personal and sensitive information.
• Reduce your insurance premiums by increasing your resilience to cyber threats.

This all depends on your organisational needs. If you are looking to work within the public sector and bid for central government contracts than they will ask for Cyber Essentials as a minimum. If you want to demonstrate that your organisation is compliant with cyber security and takes data protection seriously and you hold sensitive data, then you may also want to achieve Cyber Essentials Plus certification.

Cyber Essentials certification is a simple process to protect your business against common cyber threats. You will need to complete a self-assessment questionnaire which is assessed by an experienced cyber security assessor. They will independently check your completed questionnaire to ensure that you have in place the recommended FIVE cyber key controls necessary to protect your organisation from the most common cyber attacks

Cyber Essentials Plus certification still has the same basic principles as Cyber Essentials but will have a more rigorous test of your organisation’s cyber security systems. It will require a hands-on technical verification with a qualified assessor to check your eligibility for Cyber Essentials Plus certification.

Become Cyber Essentials certified through three simple steps:

1. Purchase Cyber Essentials certification through our website
2. You may find it useful to review our Free online Cyber Essentials training
3. Complete the online self-assessment question (SAQ)
4. Your submission will be reviewed by an experienced assessor. If you are successful you will be issued with Cyber Essentials certification.

If you would like to extend your Cyber Essentials certification to Cyber Essential Plus certification, this must be completed within 3 months of achieving CE certification. Our sales advisors will advise you of the further steps required to apply for Cyber Essential Plus.

More details on cyber security and the Cyber Essentials and Cyber Essentials Plus scheme can be found at the National Cyber Security Centre website.

You can download a copy of the self-assessment questionnaire here and you can find further guidance on the National Cyber Security Centre website.

An authorised member of your organisation will need to sign a declaration to confirm that the assessment answers are true. A qualified assessor will then evaluate the responses. If you meet the FIVE core requirements, you will pass and receive certification.

Cyber Essentials self-assessment forms part of the application for Cyber Essentials Plus and is processed at the same time. You must meet the minimum requirements of Cyber Essentials before we process the Cyber Essentials Plus and complete the Cyber Essentials questionnaire which will verify your compliance as part of achieving Cyber Essentials Plus.

To apply for Cyber Essentials Plus you must possess a Cyber Essentials certificate, supply a copy of the Cyber Essentials questionnaire submitted, and confirm that no changes have been made to your controls since that submission.

We aim to return the result of your self-assessment as quickly as possible and certainly within your target timescales. If you have any concerns or you have a timetable you need to meet please discuss this with our adviser.

You can take as long as you want to start your assessment. Once you have started it, you need to complete it including any corrective actions identified by your assessor within one month.

If you fail the assessment, we will supply a report with the answers you gave along with the assessor feedback. This should help you improve your security so you can achieve certification in the future.

Yes, organisations overseas can get certified, contact us at [email protected] for more details on the process.

Certificates expire after 12 months, therefore, we recommend you seek to renew your certification before expiry.

Yes. We will contact you before your expiry date.

This will depend on your motivations for being certified, if you are asked to be Cyber Essentials certified, a ISO 27001 certification although more comprehensive will not show that your security levels are up to the National Cyber Security Centre (NCSC) standards.

ISO 27001 is an international standard that provides specifications for an ISMS (Information Security Management System) – a systematic approach to managing information security risk. It goes considerably further than Cyber Essentials, but they are complementary to one another.

Some government contracts may require you to be Cyber Essentials certified – it is important that you seek clarification for each contract.

Cyber security firm IASME was chosen by the National Cyber Security Centre (NCSC) to take over full responsibility for Cyber Essentials delivery and become the Cyber Essentials Partner with the NCSC. The IASME Governance standard allows small companies in a supply chain to demonstrate their level of cyber security and show that they are taking steps to properly protect their customers’ information.

From 1 April 2020 IASME Consortium took over the running of the Cyber Essentials scheme on behalf of the NCSC. You will need to use an IASME-certified organisation such as Ascentor, who are working with British Assessment Bureau, to apply for certification. Having a Cyber Essentials partner (rather than 5 certification bodies) will ensure there’s greater consistency in the way the scheme operates. It will ensure that Certification Bodies are all working to the same standard and provide a more streamlined path to certification so we can ensure Cyber Essentials remains relevant.

We understand that certification can appear daunting. Our experts are here to make sure that the process is as smooth as possible and that you gain maximum benefits.

If you find yourself struggling and need further support please contact one of our advisors to discuss options that are available to you.