Cyber Essentials Certification
What is the Cyber Essentials Scheme?
Cyber Essentials is a Government-backed and industry-supported scheme that allows businesses to protect themselves from cyber-attacks. The scheme lays out a clear statement of the basic cybersecurity measures an organisation should have in place to protect themselves from the growing threat of attacks.
It is a foundation-level certification, created to provide the basic controls which organisations should have in place to reduce the risk of common cyber threats. As a result this first step protects you from 80% of the most basic cyber security breaches.
Upon completion, organisations can then move on to Cyber Essentials Plus. This is the highest level of certification offered in the scheme. It includes a more rigorous test of an organisation’s Cyber Security systems. Experts carry out vulnerability tests and as a result, ensure organisations are well protected against basic hacking and phishing attacks.
What does Cyber Essentials cover?
Managing access to administrator accounts means you can protect who has access to your data and services. Most importantly, only the people who need it.
Staying current with the latest software updates and security patches protects you against the newest cyber-attacks and vulnerabilities.
Firewalls & Routers
Creating a buffer-zone’ between your IT network and other external networks. This will ensure incoming traffic is analysed to find out if you would like to allow it access to your network.
Choosing the most secure setting for your device and software. As well as changing passwords and removing unused accounts and software will reduce the risk of a potential cyber-attack.
Using properly configured anti-malware software will protect against viruses and other malware risks. This also includes only allowing trusted applications to run.
The benefits of having a Cyber Essentials certification
Prevent around 80% of cyber attacks
Win new business opportunities & boost your reputation
Demonstrate to your customers that you take cyber security seriously
Opportunity to work with the Government
Demonstrate your commitment to data protection
Opportunity to work with the MOD (for Cyber Essential Plus certification only)
Be listed on the NCSC's database
What is the difference between Cyber Essentials & Cyber Essentials Plus?
This certification is a self-assessment questionnaire.
Perfect for businesses that want to prove a basic level of cyber security.
Cyber Essentials will ensure businesses have key cyber security controls in place.
Cyber Essentials Plus
About Cyber Essentials
Although Cyber Essentials was developed by the UK’s National Cyber Security Centre’s, it is globally recognised as a certification that enhances an organisation’s protection against data breaches and leaks. So, organisations with global customers can complete this certification and be confident of its international recognition.
Operated by NCSC
Cyber Essentials was developed and is operated by NCSC (the National Cyber Security Centre). It is the UK Government’s answer to a safer internet space for all organisations irrespective of the company size.
Work with the Government & MOD
Businesses without a Cyber Essentials certification cannot enter applications to work with the Government or Ministry of Defence. So, if your organisation wishes to do so it is important you have certification.
Valid for 12 months
Your Cyber Essentials certification is valid for 12 months. After 12 months, you must ensure the renewal of your certification. This ensures you stay up-to-date with protection from the latest cyber threats.
What is the Cyber Essentials certification process?
1. Defining the scope
Firstly starting the process will involve a conversation between your organisation and our team here at The Unite Group (as your certification body) to define the scope. Certification can apply to your full organisation’s enterprise IT or a subset.
2. Self-Assessment Questionnaire
Secondly the next step is then to complete the self-assessment questionnaire. We will assist by reviewing your application before submission to ensure it meets the Cyber Essentials scheme requirements.
This is the end of the Cyber Essentials scheme and successful applicants will be notified and receive their certificate.
3. On-Site Assessment
For those who partake in Cyber Essentials Plus, your organisation will then be required to have a technical audit which will include an internal vulnerability scan as well as tests of the in-scope systems and self-assessment questionnaire.
4. External scan
An external scan is then carried out of your internet-facing networks and applications. This is done to verify that there are no vulnerabilities. These tests are conducted off-site.
Once both the on-site assessment and external scans have been reviewed and approved, successful Cyber Essentials Plus applicants will receive their certification.
Why should you choose The Unite Group as your Cyber Essentials Partner?
Our team are fully qualified Cyber Essentials practitioners and therefore can assess your application as well as guide you through the process. We manage the entire process for you from initial audit, remedial works, and certificate issue.
The Unite Group can provide support throughout the Cyber Essentials Certification. We can also, in partnership with a certification body, guide and support your business through the Cyber Essentials Plus certifications.
We offer our Cyber Essentials support at an affordable, fixed cost – unlike many other providers.
Cyber Essentials FAQs
Why should my organisation get a Cyber Essentials certification?
Achieving the certification gives you peace of mind that you have the bare minimum cyber security measurements in place to protect your organisation against the most common basic cyber threats. It also demonstrates to your customers that you take cyber security seriously. As well as opening the door to new opportunities such as applying for government and MOD contracts.
How long does the Cyber Essentials certification take?
This is completely dependent upon your organisation. We can help ensure you have all the necessary measures in place as well as the evidence needed before beginning your application. Following on it is then dependent upon how long you take to submit the self-assessment questionnaire. After submission, you can expect to hear if your application is successful within 14 days.
The process will be longer for Cyber Essentials Plus candidates as the internal & external scans will also be conducted after the self-assessment.
Who conducts the assessments to achieve a Cyber Essentials certification?
Our team here at The Unite Group is qualified to both assist with the process as well as assess candidates for the Cyber Essentials scheme. Only certification bodies that have been trained and are currently licensed by IASME to certify against the government’s Cyber Essentials scheme can undertake assessments and issue certificates. We work in partnership to be able to provide the Cyber Essentials Plus Certification.
Where can I display my certification mark?
You can display your Cyber Essentials certification badge on:
- Your website,
- Email signatures,
- Promotional Materials,
The Cyber Essentials certification mark can be found on the ISAME portal which you will receive access to upon a successful application. It can only be displayed by organisations that have passed within the past 12 months.
If I have ISO 27001 do I still require a Cyber Essentials certification?
Yes! Although ISO 27001 is a more complex certification, some potential clients will specifically require a Cyber Essentials certification therefore both are useful to have.
If you are considering applying for both, we recommend doing this at the same time for efficiency. However, if resources are limited we recommend starting with Cyber Essentials before moving on to ISO 27001.
For both the Cyber Essentials & Cyber Essentials Plus certifications, we offer 3 levels of support packages. These vary from basic certification right up to full guidance and support throughout the process.
Our packages can be viewed below.
Prices start from just £800. Starting prices are inclusive of Cyber Essentials Cerification Fees (currently £300+VAT)
Cyber Essentials Plus
Prices start from just £1500. This price is inclusive of Cyber Essentials Plus Certification Fees.
Want to learn more about Cyber Essentials?
We have a full range of Cyber Security including Cyber Essentials blogs available to read at any time on our website!
These blogs cover all aspects of Cyber Security in greater detail as well as covering why you should consider gaining your Cyber Essentials certification to protect against any potential attacks.
We also share the latest industry news & tips to support you through the Cyber Essentials process.
Read more by following the link below!
Here at The Unite Group, we can provide support to you throughout the process. The Unite Group, are an authorised certificate issuing body for Cyber Essentials. As a result we can manage the entire process for you from initial audit, remedial works, and certificate issue.
Do you want peace of mind that your defences will protect you from a large amount of the most common cyber-attacks? Contact us today and our friendly, knowledgeable team will be happy to explain in more detail the Cyber Essentials certification process or help you take the first steps to achieve your Cyber Essentials Certification!