Expertise image

Services

Cyber Security

Cyber security can be daunting, the advice confusing and the solutions expensive.

By guiding you through simple steps we’ll help you certify to the UK’s most effective, and attainable, cyber security standard, Cyber Essentials. Our people-centred approach provides support and help at every stage.​

We’re focused on ease of process, resulting in you being able to demonstrate that you take security seriously.

​What’s more, once you’re certified we remain there for you, providing 12 months of free cyber security advice from the date of your certification.

We make cyber security painless, letting you focus on running your business

020 7193 3324

Cyber Essentials and the IASME Standard

cyber security

Cyber Essentials, developed by the cyber security arm of GCHQ, stipulates a range of techincal controls helping you towards safer online working.

The IASME Governance Standard is  governance certification asessing physical security, staff awareness and backups. It provides baseline ISO 27001 compliance. While ISO 27001 can be challenging to achieve, the IASME Governance Standard is designed as an achieveable and affordable alternative.

Both Cyber Essentails and the IASME Governance Standar helps you to significantly reduce your organisation’s exposure to cyber risk.

cyber essentials Plus logo

What we offer

We offer four levels of certification covering Cyber Essentials and the IASME Governance Standard, as listed below.

We also provide penetration testing, insider threat assessments and pre-employment screening checks. To discuss any of these please call us on 020 7193 3324.

CYBER ESSENTIALS BASIC

We’ll work with you every step of the way ensuring you pass first time. Benefits include:​

All application costs

All policy templates required

Help with every question, via guided questionnaire, PLUS unlimited phone & email assistance

Free cyber security advisory for 12 months from date of certification

Free cyber liability insurance

Display the Cyber Essentials logo on your website

Answers reviewed by Forensic Control, providing recommendations if anything needs to be rectified.

£1200.00

CYBER ESSENTIALS BASIC
WITH IASME BASIC

The same benefits as with Cyber Essentials Basic plus to improve your security governance. Using our simple approach we’ll work with you closely towards a first-time pass.

Accreditation from scheme developed by GCHQ

Free Cyber Liability Insurance

Mitigates risk from common internet based threats

Significantly reduces cyber-vulnerability in a cost-effective manner

Meets cyber security requirement in bidding for government contracts

Shows clients & partners that you take the security of their data seriously

Display the Cyber Essential Badge as proof of certification

Covers physical security, staff awareness, & data backup

GDPR Readiness Check

Self-assessed

Answers reviewed by Forensic Control, providing recommendations if anything needs to be rectified.

£1800.00

CYBER ESSENTIALS PLUS

External experts (us!) audit your Cyber Essentials answers. You’ll need to be Cyber Essentials certified first for this option, though you can take both options at the same time, at a discounted rate. Independent auditing ensures that Cyber Essentials Plus is a more rigorous certification. Benefits include:

Everything from Cyber Essentials Basic

Qualified external assessor auditing your security controls

Simulated hacking attacks on your organisation

Testing of a set of user devices, internet gateways & servers

The same simplicity of approach as Option 1

Display the Cyber Essentials Plus logo on your website

 

From: £2,000
With Cyber Essentials Basic from: £2,500

 

Cost is dependent on the size and complexity of what is being audited. Please contact us for exact fixed price.

CYBER ESSENTIALS PLUS
WITH IASME GOLD

The most comprehensive package.

 

Accreditation from scheme developed by GCHQ

Free Cyber Liability Insurance

Mitigates risk from common internet based threats

Significantly reduces cyber-vulnerability in a cost-effective manner

Meets cyber security requirement in bidding for government contracts

Shows clients & partners that you take the security of their data seriously

Display the Cyber Essential Badge as proof of certification

Qualified, external assessor audits your security controls

The assessor simulates hacking attacks on your organisation (pen test)

The assessor tests a set of user devices, all internet gateways & servers

Covers physical security, staff awareness, & data backup

GDPR Readiness Check

Equivalence to baseline ISO27001 accreditation

Cost dependent on the size and complexity of what is being audited. Please contact us for pricing.

FAQ

How can I ensure that we’re Cyber Essentials ready?

An excellent place to start is jargon free guide produced by the National Cyber Security Centre’s which is available here.

 

Where can I find the technical requirements for Cyber Essentials?

For detailed coverage of requirements which could be used by an IT specialisit, see the guide here.

 

How many of the questions do I need to get right to pass?

You need to get nearly all the questions right to pass the Cyber Essentials assessment. This very strict pass criteria is set by the UK Government. If you are not compliant in some of the questions we suggest you try and change your processes to meet the requirement and certainly add notes to explain why you are not compliant in this aspect and how else you control that risk.

 

How long does the certification last before I have to renew it?

You will need to renew Cyber Essentials Basic, Cyber Essentials Plus and IASME Basis certification annually. IASME Audited needs to be renewed every 3 years. It’s usually the case that subsequent certifications are easier than the first, with most of the work needed being done in the first year.

 

What extra do I get from certyfying to Cyber Essentials Plus?

Cyber Essentials Plus Certification still has our trademark simplicity of approach. The protections you need to have in place are the same, but this time we verify your cyber security. This includes scans of the devices (laptops, servers, desktops) inside your network and vulnerability checks on devices (firewalls, routers) on the perimter of your network.

 

Can you give me more details about the IASME Standard?

The IASME Standard covers your policies and procedures around security. Whereas Cyber Essentials is focussed on technical controls, the IASME Standard:

 

  • ensures you know what and where your information assets are
  • looks at how you treat data in the cloud
  • ensures that you comply with data privacy legislation (including GDPR)
  • examines your risk management and risk assessment stance
  • addresses the interaction of staff and security, including recruitment, termination and staff responsibilities
  • ensures that you have a security policy
  • examines your physical and environmental issues that may impact on security

 

We offer this bolt-on via the IASME (Information Assurance for Small to Medium-sized Enterprises) organisation.
The IASME Governance standard was developed over several years during a government funded project to create a cyber security standard which would be an affordable and achievable alternative to the international standard, ISO27001. It allows companies to demonstrate their level of cyber security at a realistic cost, indicating that they are taking reasonable steps to protect their information.

Top 10 IT forensic dos

Tip 5 . Do not inform anyone other than necessary that an investigation is underway

What our clients say