Stay secure with Cyber Essentials
Certification prevents over 99.3% of cyber-attacks.
What is Cyber Essentials, and how does it help?
Cyber Essentials is a government-backed scheme developed by the National Cyber Security Centre (NCSC). Ensuring you have the basic cyber-security measures helps prevent over 99.3% of all cyber attacks.
Just five controls are needed to secure most vulnerabilities, including malware, ransomware and phishing. Certification is available to businesses of all sizes across the UK. Once achieved, your business will demonstrate that you take cyber security seriously. You’ll also gain a competitive advantage, opening up new revenue opportunities.
We are committed to fighting back against the threat of cybercrime; let us protect your business.
Prevent 99.3% of the most common cyber threats
Why you should consider the Cyber Essentials Scheme
Achieving certification means you are committed to protecting your data. Not only that, it indicates you take securing your customers’ and clients’ data seriously too. The certification increases your business reputation and shows you take preventative actions to reduce the threat of cyber-attacks.
Win new contracts
If your business wants to bid for government contracts, you must be Essentials certified. New business opportunities can open up as you demonstrate to business partners and new clients that you are working in a safe and secure digital environment.
Get peace of mind
When implemented, five technical controls will help your organisation protect from 99.3% of common cyber-attacks. This will tighten your overall security and give you peace of mind. These five controls cover the following areas: internet access, system configuration, system updates, user access, and malware protection.
Free cyber security insurance
Once you meet the requirements of the Cyber Essentials scheme, your business is eligible for cyber insurance cover . If your business is UK based, with a turnover of less than £20m, you can save up to £100,000 if the worst happens.
Five security controls for Cyber Essentials certification
There are just five things that need checking to ensure your business can protect against cyber-attacks. These controls cover the most common vulnerabilities in your IT infrastructure.
Firewalls and gateways
To get certified, you need to have a properly configured firewall to protect all your devices. Particularly those that connect to public or other untrusted Wi-Fi networks.
Minimise the potential damage that could arise if an account is misused or stolen. Extra permissions should only be given to those who need them.
You must keep all software and hardware up-to-date. Software must be licensed and supported, removed from devices when no longer needed, and enabled automatic updates.
Always check the settings of your new devices and software and aim to make changes that increase your security level. Remove any unneeded functions, accounts, or services.
Malware is short for malicious software. Every device and server needs a powerful anti-malware solution to prevent being infected by malicious software.
Cyber Essentials or Cyber Essentials Plus: what’s the difference?
Keep your business safe with our cyber security packages
Cyber Essentials is built to be straightforward. It checks that an organisation’s IT infrastructure and internet-connected computers are protected against common vulnerabilities.
How is it implemented?
- Once you have the five basic controls in place, you will fill out a self-assessment questionnaire (SAQ).
- Our team of experts can guide you every step of the way, and we will check that your business has the five controls in place.
- We will implement the software or policies required to guarantee a pass if we spot any weaknesses, then send your questionnaire to our accredited assessor (CyberSmart) to check against the five controls.
- If your business is compliant, you will be issued the certificate (usually within 24-hours). The certificate is valid for 12 months from the pass date. However, please be aware this must be renewed annually.
- Once your business is certified, you will be issued with Cyber Essentials branding for your marketing material and receive automatic cyber security insurance cover up to £25,000.
Cyber Essentials Plus requires the same five security controls but differs in one crucial aspect. The ‘Plus’ credential includes an independent assessment carried out by a licensed auditor.
The check includes:
- Testing anti-malware software by sending emails.
- Checking for outdated software on a device.
- Testing how different users access files.
When the auditor body considers your technical controls acceptable, you will be certified. As a result, you’ll earn a place on the UK government’s directory of Cyber Essentials Plus compliant organisations.
The cost of the Essentials Plus certification will depend on the size of your business and whether you require our cyber security consultancy service to get you to the Plus standard. We use one of the very few certifying bodies to carry out a remote Essentials Plus assessment. This keeps costs down.
Plus offers absolute assurance that correct controls are in place through the use of an impartial third party. Customers and partners don’t have to take your word that you are cyber secure – they can rely on the expertise of a professional.
Our Cyber Security Essentials package gives you everything you need to gain your Cyber Essentials certification. We will guide you through the whole process, including in-depth consultations with our cyber security experts.
CyberSmart Endpoint Application: Monitors all business devices 24/7 to ensure ongoing compliance with Cyber Essentials. It checks for the most up-to-date applications, operating systems, and firewalls.
Keeper Password Manager: Prevent data breaches by securing your business passwords. Improve employee productivity and meet Cyber Essentials compliance.
BitDefender GravityZone: Fights against ransomware, viruses and malware to prevent computer slowdowns. An industry-leading, trusted solution that gives peace of mind.
ConnectWise Automate Remote Management & Monitoring: A remote monitoring and management (RMM) tool allowing proactive and reactive monitoring of endpoints, networks, computers, and software.
Vade Secure for Microsoft 365: AI-based Email Security bolts itself onto Exchange Online Protection as a complementary layer of protection. Protects users against the most complex email-borne attacks for complete peace of mind.
Acronis Microsoft 365 Backup: Microsoft 365 files are only replicated in the cloud by Microsoft, so any accidental or malicious deletes means data could be gone forever. Acronis will effortlessly backup SharePoint Online, OneDrive for Business, Exchange Online and Teams. Safe, easy, secure.
Our Cyber Security Plus package gives you everything you need to gain your Cyber Essentials certification. Plus:
Endpoint Detection & Response: Proactive real-time continuous detection and response and long term threat hunting in a user-friendly fashion.
Security Awareness Training: More than ever, employees are the weak link in an organisation’s network security. They are frequently exposed to sophisticated phishing and ransomware attacks. Employees need to be trained and remain on their toes with security top of mind.
We will guide you through the whole process, including in-depth consultations with our cyber security experts. We will also arrange the remote assessment and vulnerability tests.
Cyber Essentials Scheme FAQs
How much does Cyber Essentials certification cost?
Cyber Essentials (verified self-assessment) costs £650 + VAT.
The cost of a Cyber Essentials Plus assessment will depend on the size of your business and the complexity of your network. Please contact our team for a free estimate.
Do I have to get Cyber Essentials before going to Cyber Essentials Plus?
Yes, you need to be Cyber Essentials certified before progressing to Cyber Essentials Plus. Please note that you can complete your Cyber Essentials Plus audit within 3 months of your last Cyber Essentials certification.
How quickly can I be Cyber Essentials certified?
Certification can be as quick as 24 hours. We always do our best to get the results back to organisations as quickly as possible. It usually takes IASME (the certification body) 1 – 3 working days from submitting your assessment. If you need it quicker, please let us know, we can try to fast-track your assessment.
“In SoConnect we found a partner who took the time to understand our business requirements.”
News and Views
With the global rise in cybercrime, businesses face a multitude of IT Security challenges. Read how overcome them.
Are you ignoring security because you think it won’t happen to you? Truth be told, no one is immune.
Cyber Essentials certification is the first step in taking your business’ cybersecurity seriously.