0333 0431133

Cyber Essentials Certification

All businesses, large and small, have an obligation to protect themselves from online threats. Cyber Essentials is a cyber security certification scheme which helps businesses prove that they have good cyber security measures in place and suitable processes and procedures needed to protect against cyber-attacks.

Within this article we will explain the requirements needed to obtain Cyber Essentials Certification including an explanation of the five key areas of control, how to achieve the certification and the benefits of doing so.

What is it?

Cyber Essentials is a government-backed, industry supported scheme to help organisations of all sizes and sectors to protect themselves against common online risks and cyber-attacks. The certification demonstrates to an organisation’s customers that they have properly implemented the following five basic controls to help protect against unskilled internet-based attackers using tools which are freely available on the internet to access the organisation’s systems.

The Five controls

The scheme identifies five fundamental security controls that organisations should have in place to secure themselves against common cyber threats. These are as follows:

  • Boundary firewalls and internet gateways: use of a firewall to protect all devices by blocking attackers and other external threats
  • Secure network configuration: computers and the organisations network devices need to be securely configured
  • Access control: controls in place for who has access to data and services including passwords and administration privileges to help prevent insider threats
  • Malware protection: tools in place to prevent computers being infected with malicious software such as viruses
  • Patch management: regular software patching and licensing updates to ensure security and optimal software performance


How do you get it?

The first step is to select a certification body by one of the accredited government bodies that can be found on their website. You will then need to ensure your IT systems and software meet the standards of Cyber Essentials and once achieved, a self-assessment questionnaire will be completed and submitted to your certification body to be verified.

Organisations that undertake Cyber Essentials are then encouraged to re-certify at least once a year and where needed progress their security.

What are the benefits?

  • Provides piece of mind that you have adequate defences in place to protect against the majority of common cyber-attacks which can result in financial loss and reputational damage
  • Provides reassurance to customers that you take cyber security seriously
  • Provides the ability to promote cyber security as an organisational strength which can differentiate you from others and potentially attract new business
  • Provides the opportunity to take on government contracts as cyber essentials is now a requirement


For further information on getting certified visit the following website: https://www.cyberessentials.ncsc.gov.uk/getting-certified/