Affordable & achievable cyber security certification: Cyber Essentials & Cyber Essentials Plus
What is cyber essentials certification?
Cyber Essentials certification is a UK government scheme developed to help businesses and organisations to protect themselves against cyber threats and demonstrate their commitment to cyber security. The National Cyber Security Centre (NCSC) engineered the course to adapt to all kinds of businesses, offering a simple and affordable solution to cyber security.
Forensic Control is licensed by IASME to carry out Cyber Essentials and Cyber Essentials Plus certifications.
Cyber Essentials covers the fundamentals of IT security. It requires your organisation to demonstrate, via the completion of an online certification questionnaire, that you have a number of technical controls in place. The next step is Cyber Essentials Plus, when a certified agency comes in to verify everything that was claimed in Cyber Essentials. This additional layer of scrutiny means that your Cyber Essentials Plus badge holds more weight with your clients. We can help you determine which certification is best suited to your business needs.
Cyber Essentials Plus must be completed within three months of your Cyber Essentials certification.
Would my company benefit from cyber essentials certification?
A worrying 80% of UK businesses are vulnerable to avoidable cyber attacks. Cyber Essentials has been developed as a strong foundation to protect all businesses, whatever their size, level or field. Cyber Essentials is a mandatory requirement for all Government supply chain contracts and a growing number of commercial tenders. Cyber Essentials aligns with GDPR, providing security assurances to protect personal data.
Not all organisations have a dedicated IT department or in-depth cyber security knowledge, and Cyber Essentials offers a flexible approach that bears this in mind.
- We provide a complete service, hand-holding help at every step of the Cyber Essentials certification process
- Competitive pricing. For what we provide, our price isn’t beaten
- Expertise and experience. We’ve been around since 2008, and have certified dozens of organisations from the smallest to some of the best known organisations in the UK.
- Our feedback. Don’t just take out word for it, see what our clients have to say about us
Cyber Essentials from
£1,000
- A hand-holding service, including unlimited phone & email support
- Guided questionnaire with examples of “model” answers
- £25,000 of free cyber insurance cover, if required and if qualifying
- Includes £300 IASME certification fee
*Price does not include VAT.
**Price is for companies with less than 10 users. For up to 50 users it’s £1,200, for up to 249 users it’s £1,400, and it’s £1,500 for over 250 users
Cyber Essentials Plus from
£1,500
- A hand-holding service, including unlimited phone & email support
- Qualified external assessor auditing your security controls
- Tests of a set of user devices, firewalls & servers
*Price does not include VAT.
**Price is for companies with less than 10 users. For up to 50 users it’s £2,000, for up to 249 users it’s £2,750 and it’s £3,750 for over 250 users
Cyber Essentials & Cyber Essentials Plus from
£2,250
- Includes everything from both our Cyber Essentials and Cyber Essentials Plus plans at a £250 discount over purchasing them separately
- Includes £300 IASME certification fee
*Price does not include VAT.
**Price is for companies with less than 10 users. For up to 50 users it’s £3,000, for up to 249 users it’s £4,000 and it’s £5,000 for over 250 users
Securing your company with Cyber Essentials
Forensic Control will assess your business against five key technical controls to ensure that you are protected. We’ll offer simple, step by step guidance to ensure that your business meets the required standards. We won’t overwhelm you with jargon, just offer workable solutions to minimise the risk of cyber threats.
Please note, these controls apply to all internet-connected devices that access your data, including those not owned by your organisation (BYOD). If all devices that access your data meet these requirements it is likely that you would be in a good position to certify for the Cyber Essentials certification.
1. Securing your perimeter
Perhaps the most obvious step to cyber security is keeping malicious hackers out. This involves utilising firewalls and securing Wi-Fi routers. It’s also important to change the default passwords on all of your network equipment and keep all of your hardware up to date with the latest firmware. Skipping updates can leave your network wide open to attacks.
2. Securing your devices
A large part of keeping your devices secure involves ensuring that users have complex, secure passwords, instead of ‘password1234’. It’s also important to regularly audit devices, removing any software or user accounts that are no longer required. Contrary to common advice, it is no longer considered secure to require users to regularly change passwords.
3. Keeping your devices updated
It is important that all apps and operating systems are supported by their manufacturers and are kept updated.
Software and hardware manufacturers regularly release patches and updates for their products. These fixes improve usability, add additional features and protect against security vulnerabilities.
Use of an MDM (mobile device management) tool can help put you in control of patching on your network.
4. Controlling access to your data
As well as ensuring that your system is sufficiently difficult to access externally, it’s also important that access is controlled within your organisation. Make sure that data is only accessible to authorised users and all users should have their own unique user account. Data access permissions must be managed when a user changes roles, while the use and provisioning of administrative accounts must be controlled.
5. Protect your systems against malware
Malware is intrusive software that is designed to damage and destroy computers and computer systems. It can gain access to your systems in a number of ways and it’s essential to install detection software on all devices that access your network. This includes Macs, which used to be hailed as unhackable, and mobile devices.
If you’re interested in the Cyber Essentials accreditation or need more information, take a read of Cyber Essentials Explained or alternatively you can contact us directly.
Talk to our cyber security experts today!
"*" indicates required fields