What is Cyber Essentials?

Cyber Essentials is a UK Government operated scheme that was introduced in 2014 by the National Cyber Security Centre (NCSC) to offer small-medium sized businesses a straightforward and affordable way to tackle the growing cyber threat and achieve a good standard of cyber security.

By aligning with the five critical technical controls that make up the Cyber Essentials standard, businesses are able to protect themselves from up to 80% of common internet-based attacks as well as demonstrate to clients and prospects that they take cyber security and data protection seriously.  

To get certified, an organisation must work with an approved Certification Body operating under The Information Assurance for Small and Medium Enterprises Consortium (IASME), who can mark the Cyber Essentials assessment upon completion.


The 5 Technical Controls

Secure Configuration

Ensure settings and systems are configured correctly.

Internet Firewalls

Ensure internet devices have activated firewalls.

User Access Control

Ensure employees only access the data they need.

Malware Protection

Ensure data is protected from malware/viruses.

Patch Management

Ensure systems and software are up to date and secure.

Cyber Essentials is an important part of the NCSC’s mission to, “make the UK one of the safest places to live and do business on-line.” 

If you haven’t consciously implemented Cyber Essentials, you could be vulnerable to attack right now.


What's the difference between Cyber Essentials Basic and Plus?

There are two levels of certification to the Cyber Essentials scheme. In its most basic form, Cyber Essentials can be achieved by completing a self-assessed online questionnaire, with the answers checked by a qualified Certification Body to determine whether that business aligns with the standard.

The highest level of certification, Cyber Essentials Plus, involves an in-depth scan and vulnerability analysis of an organisation’s systems by a qualified assessor who will personally verify whether or not the standard is being met. 


The Ultimate Guide to Cyber Essentials​

We’ve answered every question you’ve ever had about Cyber Essentials and put it into one document.

You can download and read this document for free here or access it via our blog

Download Now

Why do businesses need Cyber Essentials?

With cyber threats growing in sophistication and frequency every day, businesses need to have adequate protective measures in place to avoid being victim to a cyber attack. Cyber Essentials offers an achievable starting point for every business across all sectors, focusing on the absolute fundamentals of good cyber security.

The National Cyber Security Centre and many professional associations and regulatory bodies including The Law Society and The Financial Conduct Authority (FCA) have strongly recommended that organisations align with the standard to demonstrate their commitment to cyber security. Complying with the standard is also increasingly becoming a prerequisite for tenders in both public and private sectors, including all MOD and NHS contracts.

Further benefits of the Cyber Essentials certification include:

  • Gain insight into the security posture of your organisations and its vulnerabilities
  • Free cyber insurance and reduction in premiums for more comprehensive cover 
  • Increased business opportunities and an advantage over competitors
  • Improved relationships with suppliers, partners and clients

Learn more about the benefits of Cyber Essentials here.

Interested in Cyber Essentials?

Cyber Tec Security is a company registered in England and Wales. Registered number: 11564199.
Registered office: Suite 2, 4th Floor, Canningford House, 38 Victoria Street, Bristol, BS1 6BY

Copyright © 2020 Cyber Tec Security
contact@cybertecsecurity.com | Data privacy statement