Cyber Essentials

Cyber Essentials is a government backed certification that helps you demonstrate your commitment to cyber security and protecting your users data which is managed by the NCSC. Cyber Essentials has been designed to be a simple, but yet effective certification which will help protect your business against the most common cyber threats.

Hows does it work?

The Cyber Essentials scheme is based upon a set of five security controls which listed below, when correctly deployed, will provide you with a level of protection from the most common cyber security threats. These controls apply to a defined scope, which could be part or all of your company, depending upon your needs.


By ensuring that your boundary firewalls are configured to only allow authorised inbound and outbound traffic, this will help to effectively protect your business against cyber threats.

Secure Configuration

By ensuring that security controls have been agreed and put in place when installing computers and mobile/network devices, will help ensure that configurations in default settings are reduced.

Access Control

By making sure that user accounts are configured with only the level of access which is needed will help reduce network wide threats. Using the principle of least priviledge access should be applied to all accounts.

Malware Protection

Making sure you have proper malware protection in place on all devices will help you protect your business against cyber threats such as ransomware, spyware and virus which may run throughout the network.

Patch Management

Keeping software up to date with the latest security updates is important and helps reduce the changes of devices being compromised. You should also ensure third-party software is kept up to date.

Why do I need Cyber Essentials?

By implementing the five defined controls throughout your business you can help to protect your business against 80% of the most common cyber-based threats.

Cyber Essentials Levels

There are two levels, the basic, which is a self-assessment version which needs to be completed first. The second, is the Plus version which is is an onsite audited version and requires that the basic version has been completed within 3 months assessment.

Cyber Essentials

Cyber Essentials Basic

A basic self-assessment of your business detailing your security stance against five controls.

Cyber Essentials

Cyber Essentials Plus

A higher level, onsite audit of your business checking you against your self-assessment and environment.

Frequently Asked Questions

Copy link
Powered by Social Snap