About Cyber Essentials
What is Cyber Essentials?
Cyber Essentials is a Government-backed and industry-supported scheme that helps businesses protect themselves against the growing threat of cyber attacks and provides a clear statement of the basic controls organisations should have in place to protect themselves.
It is the UK Government’s answer to a safer internet space for organisations of all sizes, across all sectors. Developed and operated by the National Cyber Security Centre (NCSC), Cyber Essentials is considered the best first step to a more secure network, protecting you from 80% of the most basic cyber security breaches.
Gaining Cyber Essentials certification also enables organisations to showcase their credentials as trustworthy and secure when it comes to cyber security.
The certification defines a focused set of controls which provide clear guidance on basic cyber security for organisations of all sizes and offers a sound foundation of cyber security measures that all types of organisations can implement at a low cost.
- Cyber Essentials is a foundation level certification designed to provide a statement of the basic controls your organisation should have in place to mitigate the risk from common cyber threats.
- Cyber Essentials Plus is the highest level of certification offered under the Cyber Essentials scheme.It is a more rigorous test of your organisation’s cyber security systems where our cyber security experts carry out vulnerability tests to make sure that your organisation is protected against basic hacking and phishing attacks.
What is the difference between Cyber Essentials and Cyber Essentials Plus?
The basic Cyber Essentials package includes access to the online self-assessment questionnaire, Cyber Essentials branding for your business (to include on your website, emails etc), as well as Cyber Essentials certification valid for 12 months upon successful application. This costs £300 + VAT.
Cyber Essentials Plus offers extensive support throughout the Cyber Essentials application process. On top of the Cyber Essentials certification – valid for 12 months – and the branding for promotional use, your organisation will receive dedicated helpdesk support, on-site assessment in your company HQ and absolutely no resubmission fees. The price for Cyber Essentials Plus is £2500 + VAT.
Why become Cyber Essentials certified?
Cyber Essentials certification indicates that your organisation takes a proactive stance against malicious cyber attacks. In addition, it offers a mechanism to demonstrate to customers, investors, insurers and others that you have taken the minimum yet essential precautions to protect your organisation against cyber threats.
The National Cyber Security Centre states that undertaking the Cyber Essentials certification process and implementing even one of the five controls required by Cyber Essentials can protect businesses from around 80% of attacks.
Additional benefits of the certification include:
- Reassure customers that you are working to secure your IT against cyber attack
- Attract new business with the promise you have cyber security measures in place
- You have a clear picture of your organisation’s cyber security level
- Some Government contracts require Cyber Essentials certification
Cyber hackers are becoming more intelligent and have adapted to many counter-hacking measures. The Cyber Security Breaches Survey 2020 reports that the nature of cyber attacks has changed over the years. Since 2017 the number of businesses experiencing phishing attacks has jumped from 72% to 86%, although there has been a drop in businesses experiencing viruses or other malware attacks, from 33% to 16%. There has never been a better time to become Cyber Essentials certified.
COMPLY - PROTECT - PROMOTE
Cyber Essentials provides organisations with clarity on what essential security controls they need to have in place to reduce the risk posed by threats on the internet with low levels of technical capability.
- Comply and win more contracts with the MOD*
- Demonstrates control of your business network security
- Protect against 80% of common cyber attacks
- Protects your business from data theft
- Helps drive business efficiency and cost saving
- Promote your commitment to cyber security
* You need to have Cyber Essentials certification if you are looking to win contracts involving the transfer or generation of Ministry of Defence Identifiable Information (MODII).
Why Cyber Essentials is important for SMEs
No matter how small your organisation is, you are likely to be connected to a possible target of a cyber attack. Suppliers, third-party vendors and larger organisations are all part of wider ecosystems which are interconnected with each other.
The impact of a cyber security breach will be felt all the way down the supply chain to SMEs and microbusinesses. Therefore, organisations need to ensure they are not the weakest link in the supply chain by evaluating their threat profile and implementing strategies and employee training in cyber security. This can be difficult for organisations that are just starting out.
How Cyber Essentials can help?
Cyber Essentials is a widely recognised, government-accredited scheme which protects organisations from the most common cyber security attacks. Organisations not only benefit from the basic protection that Cyber Essentials gives, but achieving certification also shows that your organisation is more trustworthy and reputable in taking cyber security seriously. What is more, if your organisation is looking to win public sector contracts, Cyber Essentials is a mandatory requirement to submit a bid to some buyers. *
Steps to get certified
Step 1: Purchase Cyber Essential Basic which is £300 +VAT
Step 2: Then complete the Self-Assessment Questionnaire and submit the form on the IASME portal (logins for this portal will be sent via email, password logins will be sent via SMS post-purchase)
Step 3: Once you have submitted the Self-Assessment Questionnaire, if successful you will receive your PDF certification.