Cyber Essentials

What Is Cyber Essentials?

Cyber Essentials is the only UK Government cyber certification. It has been created for SMEs to reduce their chance of suffering from the most common cyber-attacks by up to 80% by being aligned with the five technical controls: malware protection, firewalls, password-based authentication, user access control and secure configuration.

By becoming Cyber Essentials certified, you will reassure your clients that you take security seriously and, having been certified, you can display the badge on all your communication channels for your prospects and clients to see. It is worth noting that certification is a requirement in order to do business with some government organisations.

Your certification lasts a year.

Cyber Essentials Plus

Many organisations go through the process of self-certifying for Cyber Essentials and, whilst some are successful, many struggle to achieve a pass.

Cyber Essentials Plus is independently verified by ‘Certifying Bodies’, such as our partner Cyber Tec Security.

Cyber Essentials Plus allows us to check that you are aligned with all the important security controls. We always recommend that you undergo a Cyber Essentials Plus ‘Pre-Assessment’ first, so that any security gaps can be identified and then remediated, ensuring a pass when it comes to the actual Plus assessment itself.

The Cyber Essentials Plus process is completely streamlined, so you can have peace of mind that you’re in expert hands, and assessments are fully remote thanks to our proprietary technology.

The Process

With the joint service Nexus and Cyber Tec Security are offering, you can be confident that the assessment process, remediation of any security gaps, and becoming Cyber Essentials certified will be a smooth and efficient process.

Nexus can assess your current situation and work on the necessary improvements, to help you pass the assessment first time. As the awarding body, Cyber Tec can hold your hand on the path to becoming certified and can ensure you have a fail-proof application first time.

The NCSC and its delivery partner for Cyber Essentials IASME have recently completed a major technical review of the scheme, and have launched updated requirements for 2022.

"The NCSC and its delivery partner for Cyber Essentials IASME have recently completed a major technical review of the scheme," and have launched updated requirements for 2022

The benefits of being cyber essentials certified

1. Secure your business by reducing the risk of breach by 80%.

Many SMEs tend to believe they are safe with simple firewalls or anti-virus software but these are often not good enough. With Cyber Essentials, you can significantly reduce your risk of being breached by 80%.

2. Gain a competitive advantage and enhance your reputation with alignment to the only recognised British cyber security accreditation.

With Cyber Essentials, your business will gain the respect and trust of your clients as you demonstrate your commitment to data protection.

3. Apply and bid for Government tenders.

Bidding for a contract is a competition. Cyber Essentials is the minimum requirement when bidding for public contracts and, if your main competitor has Cyber Essentials and you do not, unfortunately it will count against you and mean your competitor has the advantage with the contracting authority.

4. Secure your supply chain.

Target, Etihad Airways and T-Mobile are just a few examples of how black-hat hackers managed to exploit weak third parties to intrude into larger corporations’ networks in order to do harm. By certifying for Cyber Essential Plus, you are moving towards securing your supply chain and ensuring the businesses you work with won’t lead to a breach in your business.

Many large organisations such as Deloitte, Ernst and Young, KPMG and many more are already certified for Cyber Essentials and promote the certification amongst their respective supply chains.

5. Avoid hefty GDPR fines post breach.

It is impossible to be 100% secure and guarantee to avoid breaches but with Cyber Essentials Plus certification, you can successfully prove to the Information Commissioner’s Office that your business made a significant effort to protect client data and reduce the chances of having to pay up to 4% of your global turnover.

6. Receive FREE Cyber Insurance.

You must fit the following criteria to be eligible for free Cyber Insurance:

- Your organisation must have Cyber Essentials Certification at either the basic or plus level

- Your organisation must be certified with an IASME certification body

- Your organisation must turnover under £20,000,000

- Your organisation must be domiciled in the UK

7. Reduce future cyber insurance premiums.

Cyber insurance agencies look more favourably on organisations that have achieved Cyber Essentials Plus certification.

8. Promote your certification status on your website and social media

Your prospects will instantly understand they are dealing with a secure, compliance-first, business when they see the Cyber Essentials logos on all your communication channels.

How much will it cost?

The assessment price follows a tiered structure from 24th January 2022 (here’s the announcement by the NCSC).

Cyber Essentials Plus has the same requirements, except that an assessor such as Cyber Tec Security actively verifies the measures in place. As such, there’s an extra level of credibility. The extra assessment makes it a bit more expensive and the final cost will depend on your IT environment.

Getting Started

We can assess your current cyber security status and arrange any remedial work that you may need to help your chances of success in passing the certification.

We will then engage with our partner Cyber Tec and address any of their findings.

Let’s talk.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.