As its name suggests, Cyber Essentials is an essential certification to have. Obtaining a Cyber Essentials Plus certification is even more advantageous. Having either is showing your clients that you are committed to protecting your company and their data from cyber attacks.
What Is Cyber Essentials?
Simply put, Cyber Essentials helps your organisation guard against cyber attacks. It is a government backed scheme that encourages organisations to adopt good practice when it comes to cyber security. It is operated by the National Cyber Security Centre (NCSC) and whatever your company size, you can be accredited. The certification once completed, shows your customers and authorities that you have implemented recognised practices and tools to safeguard your business.
What is Cyber Essentials Plus?
Cyber Essentials Plus is an expansion of Cyber Essentials and includes an audit of the company’s IT systems. The key elements are shown below:
- An audit of a sample number of your computers will first be conducted. This is to ensure devices are configured.
- A vulnerability scan will be performed on the samples of computers. This will be to ensure basic configuration is at an acceptable level.
- An external port scan of your company’s internet facing IP addresses will be carried out to ensure no obvious misconfigurations or vulnerabilities can be identified.
- Tests are conducted on the default email/intranet browser to confirm its configuration. This is to prevent execution of fake malicious files.
- Screenshots are also taken to prove the system is Cyber Essentials compliant.
A certificate will be provided upon a successful competition of the plus scheme. The standard 12 months validation is provided, and companies can therefore start advertising the Cyber Essentials logo on their website. To apply for Cyber Essentials Plus, a company must already have a Cyber Essentials certification 3 months prior to applying.
Did You Know That Cyber Essentials Certifications are Public?
Yes, that’s right. Anyone can search your company name through the IASME website and find out in seconds if your company has a Cyber Essentials Certification. If a potential client is certified, they may search your company name to see how committed you are to cyber security. Not having a certification could be a deal breaker. The certification only has benefits for your business. We find many companies that are certified will display the Cyber Essentials logo on their website to show their commitment.
Here are some examples of small and large companies that are Cyber Essentials certified.
Frequently Asked Questions
How long does the certification last for?
Both certifications are valid for 1 year.
How does Cyber Essentials & Cyber Essentials Plus work?
Cyber Essentials is an online self-assessment certification. If you fail, you can try again until you pass the assessment. A board member from the organisation will sign to confirm that the assessment has been conducted properly. Then a qualified assessor evaluates the assessment.
How much does it cost?
The cost varies according to the size of your organisation. Please refer below.
- £1,500 for up to 9 users
- £2,000 for between 10 and 49 users
- £2,750 for between 50 and 249 users
- £3,750 for 250 and over users
For more help with your Cyber Essentials certification contact us today.