Skip to content


Why Cyber Essentials

By Jason Kalwa,
20 May 2021

Give your organisation the protection it needs from cyber attacks. Gain your customer’s trust by committing to best cyber security practice.

What is Cyber Essentials?

Cyber Essentials is a UK government-backed scheme supported by the National Cyber Security Centre (NCSC). It aims to ensure organisations adhere to an industry-wide level of core cyber security principles. The scheme helps safeguard businesses from everyday cyber threats and mitigate the risk of an attack.

By obtaining an industry-recognised certificate such as Cyber Essentials, you can prove your businesses’ commitment to best cyber security practice.

One Size Fits All

Whether you’re a startup, an SME, a medium or large enterprise, the Cyber Essentials scheme is designed to help protect organisations of any size. Implementing the scheme’s five technical controls, you can protect your business from common threats such as phishing attacks, malware, ransomware, network attacks and malicious links or emails.

Five steps to better resilience

The Cyber Essentials scheme outlines five controls which can be adopted into your business-as-usual processes right away. These controls can instantly boost your defences against a cyber attack. They include:

  • A firewall to protect your internet connectivity
  • Secure settings for your software and devices
  • Control of who has access to your data and services
  • Protection against viruses and other malware
  • Ensuring your devices and software are up to date

Cyber Essentials Plus

Whilst Cyber Essentials involves an SAQ (self-assessment questionnaire) to achieve a base-level security certification, the Cyber Essentials Plus demands a more thorough examination of your businesses’ systems and defences.

This higher level certification uses the same principles as Cyber Essentials, but adopts a more technical audit of those systems identified in the scope for Cyber Essentials. This process delves deeper including an external vulnerability assessment, internal scan and an on-site assessment.

Why Cyber Essentials?

By becoming Cyber Essentials or Cyber Essentials Plus certified, your organisation can benefit by:

  • Instilling confidence in your clients that they’re working with a business that takes cyber security seriously.
  • Winning new business by showing you have an industry recognised cyber security certification.
  • Getting approval for government and Ministry of defence (MoD) contracts – Cyber Essentials has been a mandatory requirement since 2014 in order to tender for central government work and other larger enterprises.

Cyber Liability Insurance

Add even more confidence with free automatic cyber insurance upon completion of a self-assessed certification (upto £25,000 limit of indemnity). Note: this is only available to companies with a turnover under £20m. Benefits include a 24hr helpline providing crisis management and incident response. The policy liability amount also covers you against extortion demands and ransoms, emergency costs following a breach, loss of electronic data and any other business interruption caused.

What is the process to certification?

Cyber Essentials is a self-assessment questionnaire that gets submitted and then verified by an accredited Cyber Essentials assessment organisation. Cyber Essentials Plus is assessed through an audit carried out by an approved certification body. The Cyber Essentials Partner of NCSC – the IASME Consortium, oversees the scheme’s governance programme. IASME approves specific partners to deliver Cyber Essentials assessments.

About Easy Cyber

Easy Cyber is a certified provider of world-class cyber security services. Based in Cheltenham, the cyber hub of the UK, we are a Cyber Essentials and Cyber Essentials Plus certified organisation. We can help you through the Cyber Essentials process by offering advice and guidance to find the right partner in order to help you achieve certification.

Get in touch for more information.