Cyber Essentials icon

Cyber Essentials

Take the stress out of certification with support from our experienced Cyber Essentials Assessors.

What is Cyber Essentials?

Cyber Essentials is a government-backed framework designed to mitigate the risk of common, avoidable vulnerabilities and help improve the security posture of your business. It is mapped against five technical control themes: Access Control, Firewalls, Secure Configuration, Malware protection, and Security update management.

We'd love to help you achieve Cyber Essentials, so if you'd like a quote please click here and provide us with the information we'll need to get you a price and a delivery date

Ready to talk?

Benefits of certification

Protect your organisation from 80% of common cyber-threats

Certification will give you peace of mind that your IT security is ready to defend your business against a vast majority of common, easy to exploit cyber-attacks that are aimed at targets that do not have the five controls in place

Bid for Government, public sector and supply-chain contacts

Cyber Essentials is the minimum certification you will need to bid for many new public sector contracts.

Free Cyber Insurance or reduced premiums

Some organisations may qualify for free cyber insurance with a liability cap of £25,000, while others who are not eligible may receive lower premiums from some insurance providers upon reaching Cyber Essentials Status

Increased credibility and marketing strategy

Some organisations prefer to collaborate with those who take cyber security seriously. With Cyber Essentials, you can demonstrate that you have met the standard and a badge is available to display on your website and in your documentation

Ready? How to get certified

Our process for gaining certification has been created to ensure your journey to better security hygiene is simple and stress-free:

1

Speak to one of our trained consultants

2

Complete the self-assessment

3

We review your submission and support you were required

4

Gain certification within 30 days

To avoid an opportunist attack, Cyber Essentials examines your basic security hygiene.

Firewalls

Best practice setup of devices are designed to prevent unauthorised access to, or from, private networks.

Cyber Essentials 5 technical control themes

User Access Control

Ensures that user accounts are only assigned to authorised users and that only the applications, computers, and networks necessary for the user to accomplish their task are accessible

Secure configuration

Ensures that computers and network devices are properly configured to reduce the level of inherent vulnerabilities and provide only the services required to fulfil their role.

Malware protection

To ensure that the execution of known malware and untrusted software and to prevent harmful code from causing damage to accessing sensitive data.

Security Update Management

Ensuring you have a process to deploy the latest supported versions of operating systems and applications that contain security fixes for known vulnerabilities.

Cyber Essentials or Cyber Essentials Plus?

Cyber Essentials is a self-assessed questionnaire centred on the implementation and management of five technical controls.

Self-Assessment offers the minimum amount of IT Security all UK businesses should be meeting that will defend you against the most common cyber threats. To complete the questionnaire, you must review these controls, ensure they are implemented and configured correctly. This is reviewed and marked by a Claranet Cyber Essentials Assessor.

Cyber Essentials Plus is a physical verification of the controls you declared within the self-assessment and includes an additional vulnerability assessment.

Claranet will run up to 7 tests against a sample of end-user devices to check that controls are in place and working effectively. Vulnerability assessments offer peace of mind that external attack surfaces meet compliance.


What are the benefits of upgrading to Cyber Essentials Plus?

Cyber Essentials Plus offers additional peace of mind that the controls you have in place are working. An Assessor will simulate a range of common threats against your end-user devices and external attack surface to see how they withstand. This is close to a real attack within a controlled environment

For some supply chains and Government tenders, full certification is a prerequisite. So gaining Cyber Essentials Plus now will help you get ready if this might impact your organisation.

When you gain Cyber Essentials PLUS, you get the badge to promote your achievement. This can improve your credibility and offers a point of differentiation.

Demonstrate your commitment to cybersecurity


Cyber Essentials

  • Access support from a qualified assessor
  • Expert guidance and advice from experienced penetration testers
  • Fully online service, delivered remotely
  • We review questionnaire responses with you to ensure they meet the standards set by Cyber Essentials
  • Receive your results and certification on the consultancy day (Provided all client tasks are complete)

Cyber Essentials Plus

  • 3 main elements – Cyber Essentials Basic, Technical Audits, Reporting
  • Technical audits delivered remotely or onsite
  • Includes external vulnerability scan
  • Progress tracked, updates and results provided through online portal
  • Expert guidance and advice from experienced penetration testers

Ready to talk?

Our accreditations

iso 9001 accredited
iso 14001 accredited
iso 22301 accredited
iso 27001 accredited
iso 27017 accredited


FAQs

Certification Questions:

  • Why should we get Cyber Essentials?

  • What’s the difference between Cyber Essentials and Cyber Essentials Plus?

  • We only require Cyber Essentials right now, can we come back for Plus?

  • Is Cyber Essentials a “one-off”?

  • We passed last year does this guarantee a pass on our renewal?

Service Delivery Questions:

  • What is the process for getting certified?

Technical Questions:

  • What are some common failure points for both assessments?

  • I can’t achieve compliance with certain areas of my organisation, what can we do?