Cyber Essentials as a Service

What is Cyber Essentials?

Cyber Essentials is a Government-backed, industry supported scheme to help organisations protect themselves against common cyber threats.

Demostrates to the outside world that your organisation takes IT Security serious and is open for secure business
The full scheme, launched on 5 June 2014, enables organisations to gain one of two Cyber Essentials badges. It is backed by industry including the Federation of Small Businesses, the CBI and a number of insurance organisations which are offering incentives for businesses. Cyber Essentials is suitable for all organisations, of any size, in any sector.

Five Reasons to have Cyber Essentials certification?

Reassure vendors, clients and future customers that you have a secure IT infrastructure.

Helps with frameworks you have in place for General Data Protection Regulation (GDPR).

Some Government contracts and others that already have the certification will require their partners to also have Cyber Essentials certification.

You have a understanding of your organisation’s cyber security level.

Help with your organisation fight against common cyber threats.




Why Cyber Essentials as a Service?

Instead of both parties’ annual cost and administration work, we spread the work and cost over 12 months. More importantly, maintaining and incrementally improving IT security throughout the year is a sounder working practices than a big bang approach.

What does it include?

  • Cost of certification
  • Extra security checks throughout the year
  • Documentation and audit of checks
  • Additional security services
  • Automatically renew of certification the following year

What is involved with Cyber Essentials?

We ensure ongoing, bite-sized learning that empowers your staff’s knowledge in core security areas while mapping your organisation’s overall risk-based on regular phishing testing, dark web monitoring and policy communications.

Q1 - Evaluate & Certification

On average we aim to have new clients with first certification within 1 month.

Existing client can expect quicker result, as by default you will be following many of the best practices as outline by Cyber Essentials.

Q2 - Audit

Firewall audit and external scanning

Software audit

User account audits

Passwor changes and 2FA checks

Q3 - Improve

Device and computer audit

Advanced software patching

Firmware updates on key systems

Internal network scans

Q4 - Annual Certification

Review of security services

Renewal of certification

What is Cyber Essentials Plus?

Cyber Essentials Plus is the highest level of certification, requiring a more thorough examination of a company’s cyber security systems to guard against hacking and phishing attempts.

The assessment proceeds as follows:

  • Internal Vulnerability Analysis
  • Evaluation of external vulnerability
  • User Access Controls Evaluation
  • Browser download evaluation
  • Email testing

Cyber Essentials Plus comprises the same questions as the standard accreditation, including an internal scan and on-site evaluation.
This comprises the assessor assessing the security of a random sample of organisation systems, devices, and servers.


The Cyber Essentials Plus evaluation also offers clients a comprehensive report outlining the findings and adjustments that must be addressed before certification can be granted.

Contact a member of the team today