Cyber Essentials assurance scheme

Helping to protect your organisation from cyber attacks

Cyber Essentials is a simple but effective government-backed certification scheme, managed by the NCSC (National Cyber Security Centre), designed to help businesses of all sizes protect themselves from the most common cyber threats.

A GOV.co.uk survey in March 2021 reported that nearly 40% of UK businesses and charities reported a cyber-attack during the previous year, and it’s not just big businesses being targeted, small businesses are at risk too.

A cyber attack can maliciously disable devices, steal data, or use a compromised device as a launch point for other attacks. But it can also do so much more than that. The long term implications are huge. A security incident can have devastating consequences when taking into account lost revenue, lost customer and employee trust, regulatory fines and damage to an organisation’s reputation.

Cyber Essentials demonstrates a commitment to cyber security

Cyber Essentials helps you to guard your organisation against cyber attack plus gives reassurance to your stakeholders that your organisation is serious about cyber security:

  • Reassure staff, customers and partners that you are working to secure your organisation against cyber attacks
  • Give confidence that you are taking steps to protect sensitive data held within your organisation
  • Provides your management team with a clear picture of your organisation’s cyber security level
  • Helps you to attract new business with the promise you have the appropriate cyber security measures in place
  • If you are planning to bid for central government contracts which involve handling sensitive and personal information, you will require Cyber Essentials Certification

Cyber Essentials focuses on the most common cyber threats

The Cyber Essentials scheme focuses on 5 different areas of cyber security, which when correctly deployed, will protect your organisation from the most common cyber security threats:

  1. Firewalls – ensuring that your boundary firewalls are configured to allow only authorised inbound and outbound traffic
  2. Secure configuration – ensuring that security controls have been agreed upon and implemented will help to reduce configurations in default settings
  3. User access controls – making sure that user accounts are configured with only the level of access which is needed.
  4. Patch Management – ensuring that all software is kept up to date with the latest security updates
  5. Malware management – Making sure you have proper malware protection in place on all devices

Cyber Essentials can be gained through self assessment

Cyber Essentials certification offers a self-assessment option that gives you peace of mind that your defences will protect against the vast majority of common cyber attacks, and will deter unwanted attention from more sophisticated attacks. Cyber Essentials self assessment certification costs £300+ vat, and if successful certification is valid for 12 months.

Cyber Essentials certification is undertaken through self assessment via an on-line portal. Organisations assess themselves against the five basic security controls and then Infosec Partners, as a qualified assessor, verifies the information you have provided and if you are successful you will be awarded a certification. The self assessment questions are available to view here. Please note these questions are for information only. If you want to be assessed you cannot simply submit these question sets to us. You must apply online for an assessment and submit your answers through the portal.

IASME is the NCSC’s Cyber Essentials Partner, responsible for the delivery of the scheme. Infosec Partners are trained and licensed by IASME to certify against the Government’s Cyber Essentials Scheme. We are also available to offer consulting and support services to help you achieve Cyber Essentials Certification.

Take the stress out of self assessment certification

Some of the Cyber Essentials self-assessment questions can be difficult to understand if you do not have a technical IT background or have a complex company IT structure.

As a Cyber Essentials Certification Body, Infosec Partners offers consultancy support to help you through each step of the Cyber Essentials certification process:

  • to help you understand the assessment questions and how they relate to your organisation
  • identify what steps you need to take in order to achieve certification
  • work with you to identify and resolve any potential areas of weakness

If your organisation needs additional support in completing and submitting the assessment we can also:

  • perform a pre-assessment check to highlight any areas that require attention before you submit your final assessment
  • carry out self assessments on behalf of existing clients
Cyber essentials logo

FREE CONSULTATION

Contact us today for expert guidance on Cyber Essentials.

Please leave a few contact details and one of our Trusted Advisors will get back to you. Or call us to speak with someone immediately:

+44 (0)203 892 4812

secure@infosecpartners.com








    Cyber Essentials benefits

    It shows your commitment to security; demonstrating to your business partners, regulators and suppliers that you take cyber security seriously.
    It is a mandatory requirement for government suppliers and for all public service contracts.
    It enables you to safeguard commercially sensitive data.
    It protects your company’s profits and reputation by avoiding the financial implications any negative publicity associated with a cyberattack.
    It gives you a competitive advantage, particularly in comparison to rivals without accreditation.

    Cyber Essentials Frequently Asked Questions

    How will my submission be assessed?

    Infosec Partners are trained and licensed by IASME to certify against the Government’s Cyber Essentials Scheme. As a qualified assessor, we will verify the information you have provided via the online portal.

    How long does it take to get Cyber Essentials Certification?

    How quickly you achieve the Certification however depends on:

    • How well you know your systems and processes
    • The level of effort and resource you can apply to preparing and submitting the assessment.
    • In essence, how quickly you can demonstrate that you can meet the requirements.
    • If your self assessment passes then you will receive certification within 24 hours, if further work is required then certification will take longer.

    How do I ensure that I pass Cyber Essentials?

    We offer a consultancy service and can work with you in advance of your assessment to ensure that everything is in order. Get in touch with the Infosec Partners team for more information.

    How long do I have to complete the assessment on the online portal?

    Once your access to the online portal has been setup, you will have 6 months to complete the self-assessment, any longer than this and your access to the portal may be denied and additional costs may be incurred.

    How long does it take for my submission to be assessed?

    We aim to assess all submissions within 24 hours.

    If my organisation fails the self assessment, can we retake the assessment at no extra cost?

    If you complete the self-certification and fail, you are allowed two working days to examine the feedback from the assessor and change any simple issues with your network and policies. You can then provide the updated answers to the assessor who will review. If you still fail the certification after these two days, you will have to reapply and pay the assessment fee again.