Affordable & achievable cyber security certification: Cyber Essentials & Cyber Essentials Plus

What is cyber essentials certification?

Cyber Essentials certification is a UK government scheme developed to help businesses and organisations to protect themselves against cyber threats and demonstrate their commitment to cyber security. The National Cyber Security Centre (NCSC) engineered the course to adapt to all kinds of businesses, offering a simple and affordable solution to cyber security.

Forensic Control is licensed by IASME to carry out Cyber Essentials and Cyber Essentials Plus certifications.

Cyber Essentials covers the fundamentals of IT security. It requires your organisation to demonstrate, via the completion of an online certification questionnaire, that you have a number of technical controls in place. The next step is Cyber Essentials Plus, when a certified agency comes in to verify everything that was claimed in Cyber Essentials. This additional layer of scrutiny means that your Cyber Essentials Plus badge holds more weight with your clients. We can help you determine which certification is best suited to your business needs.

Cyber Essentials Plus must be completed within three months of your Cyber Essentials certification.

Would my company benefit from cyber essentials certification?

A worrying 80% of UK businesses are vulnerable to avoidable cyber attacks. Cyber Essentials has been developed as a strong foundation to protect all businesses, whatever their size, level or field. Cyber Essentials is a mandatory requirement for all Government supply chain contracts and a growing number of commercial tenders. Cyber Essentials aligns with GDPR, providing security assurances to protect personal data.

Not all organisations have a dedicated IT department or in-depth cyber security knowledge, and Cyber Essentials offers a flexible approach that bears this in mind.

Why certify with Forensic Control?

  • We provide a complete service, hand-holding help at every step of the Cyber Essentials certification process
  • Competitive pricing. For what we provide, our price isn’t beaten
  • Expertise and experience. We’ve been around since 2008, and have certified dozens of organisations from the smallest to some of the best known organisations in the UK.
  • Our feedback. Don’t just take out word for it, see what our clients have to say about us

office worker

Cyber Essentials from


  • A hand-holding service, including unlimited phone & email support
  • Guided questionnaire with examples of “model” answers
  • £25,000 of free cyber insurance cover, if required and if qualifying
  • Includes £300 IASME certification fee

*Price does not include VAT.
**Price is for companies with less than 10 users. For up to 50 users it’s £1,200, for up to 249 users it’s £1,400, and it’s £1,500 for over 250 users

Book it now

Cyber Essentials Plus from


  • A hand-holding service, including unlimited phone & email support
  • Qualified external assessor auditing your security controls
  • Tests of a set of user devices, firewalls & servers

*Price does not include VAT.
**Price is for companies with less than 10 users. For up to 50 users it’s £2,000, for up to 249 users it’s £2,750 and it’s £3,750 for over 250 users

Book it now

Cyber Essentials & Cyber Essentials Plus from


  • Includes everything from both our Cyber Essentials and Cyber Essentials Plus plans at a £250 discount over purchasing them separately
  • Includes £300 IASME certification fee

*Price does not include VAT.
**Price is for companies with less than 10 users. For up to 50 users it’s £3,000, for up to 249 users it’s £4,000 and it’s £5,000 for over 250 users

Book it now

Securing your company with Cyber Essentials

Forensic Control will assess your business against five key technical controls to ensure that you are protected. We’ll offer simple, step by step guidance to ensure that your business meets the required standards. We won’t overwhelm you with jargon, just offer workable solutions to minimise the risk of cyber threats.

Please note, these controls apply to all internet-connected devices that access your data, including those not owned by your organisation (BYOD). If all devices that access your data meet these requirements it is likely that you would be in a good position to certify for the Cyber Essentials certification.

1. Securing your perimeter

Perhaps the most obvious step to cyber security is keeping malicious hackers out. This involves utilising firewalls and securing Wi-Fi routers. It’s also important to change the default passwords on all of your network equipment and keep all of your hardware up to date with the latest firmware. Skipping updates can leave your network wide open to attacks.

2. Securing your devices

A large part of keeping your devices secure involves ensuring that users have complex, secure passwords, instead of ‘password1234’. It’s also important to regularly audit devices, removing any software or user accounts that are no longer required. Contrary to common advice, it is no longer considered secure to require users to regularly change passwords.

3. Keeping your devices updated

It is important that all apps and operating systems are supported by their manufacturers and are kept updated.

Software and hardware manufacturers regularly release patches and updates for their products. These fixes improve usability, add additional features and protect against security vulnerabilities.

Use of an MDM (mobile device management) tool can help put you in control of patching on your network.

4. Controlling access to your data

As well as ensuring that your system is sufficiently difficult to access externally, it’s also important that access is controlled within your organisation. Make sure that data is only accessible to authorised users and all users should have their own unique user account. Data access permissions must be managed when a user changes roles, while the use and provisioning of administrative accounts must be controlled.

5. Protect your systems against malware

Malware is intrusive software that is designed to damage and destroy computers and computer systems. It can gain access to your systems in a number of ways and it’s essential to install detection software on all devices that access your network. This includes Macs, which used to be hailed as unhackable, and mobile devices.

If you’re interested in the Cyber Essentials accreditation or need more information, take a read of Cyber Essentials Explained or alternatively you can contact us directly.

Talk to our cyber security experts today!

"*" indicates required fields

I'm interested in*
This field is for validation purposes and should be left unchanged.

what our clients say

“Highly recommended Forensic Control. From the very start of our CE+ journey, Jonathan was providing tremendous service to us in order to ensure we had all the necessary information and advice specific to our company. They were consistently providing clear and helpful guidance in order for us to best succeed with our certification and as such had a great outcome! Big thanks to Jonathan and Forensic Control..‌”

Christopher Price, Tech. Operations Officer, Faculty AI

review stars

“We are a small company that relies on the security of our data. Forensic Control has been perfect at keeping us protected and up to date with all the latest trends. Very efficient when we have needed help. Thank you.‌”

Andy Bibby, CEO, 87%

review stars

“Forensic Control came in to support us at very short notice. From the get-go, the service was professional, slick, to-the-point and constructive. The net effect was that we successfully achieved our CE+ certification but did so as a meaningful basis for growth and cultural change – this is due, in no small part, to the technical leadership, guidance and objectivity that Forensic Control brought to this project. I would actively look to work with and engage Forensic Control on future projects.‌”

Christopher Crowther, CIO, Spectra Analytics

review stars