About Cyber Essentials

Home / About Cyber Essentials

What is Cyber Essentials

• Developed as part of the UK’s National Cyber Security Programme;
• Aimed at businesses and organisations of any size to help them achieve a baseline of good cyber security practice;
• Backed by industry specialists;
• Designed to provide an overview of an organisation’s ability to mitigate the risks from Internet-based threats;
• Also applicable to all private and public sector organisations, universities and charities;
• Offers two levels of certification: ‘Cyber Essentials’ and ‘Cyber Essentials Plus’.

Why is Cyber Essentials certification important for any organisation?

• It identifies the required controls believed to shield companies from up to 80% of the common threats from the internet;
• UK Government departments now require suppliers bidding for particular contracts to be Cyber Essentials certified;
• Expected to be a major requirement to win business in many other sectors in the future;
• Some Insurance companies now offer incentives for organisations that are Cyber Essentials certified;
• Enables a company to demonstrate to their customers and stake-holders that their data is adequately protected and that they take cyber security seriously.

UK Government Logo

 

 

 

QG Logo

 

The Cyber Highway Logo

Levels of Certification

CE Logo

Cyber Essentials

Requires a company to successfully carry out a verified self-assessment of a series of key cyber security controls: Boundary Firewalls and internet gateways, Secure configuration, Access control, Malware protection and Patch management. Cyber Essentials certification is awarded once this self-assessment has been presented for review, along with relevant supporting evidence, to an approved Certification Body. The company’s submission should be approved by a senior executive such as the CEO.

Take The Cyber Highway
to Cyber Essentials
Certification
CE+ Logo

Cyber Essentials Plus

Includes the criteria for basic Cyber Essentials compliance, but introduces a higher level of assurance through the external testing of the organisation's cyber security approach. This typically requires conducting a vulnerability assessment and penetration testing, before certification can be awarded.

Take The Cyber Highway
to Cyber Essentials Plus
Certification