Beginner's guide to Cyber Essentials
Cyber Essentials is a UK government-backed certification scheme that outlines a basic level of security for organisations and is designed to protect against common cyber threats including hacking, phishing and malware.
The Cyber Essentials certification demonstrates that a business has implemented essential cyber-security measures to safeguard its data, network and systems.
The importance of Cyber Essentials:
- Protects your business: Cyber Essentials can protect your business from common cyber threats that could cause financial loss, data breaches or reputational damage.
- Builds trust: Customers, clients and partners are more likely to trust a business that they identify as certified, because certification shows that the business is serious about protecting sensitive data.
- Identifies compliance: This is particularly beneficial in certain industries, where having strong cybersecurity measures in place can be a legal requirement. Cyber Essentials can help you to meet these obligations.
- Competitive advantage: Some businesses require their suppliers to be Cyber Essentials certified. Having the certification can help you win contracts, especially in the public sector.
The 5 technical controls:
Cyber Essentials focuses on 5 technical controls that all businesses should implement to protect themselves from cyber threats.
- Firewalls and routers: Create a security filter between the internet and your network
- Secure Configuration: Set up computers securely to minimise ways that a cyber-criminal can find a way in
- User Access Control: Control who can access your data and services and what level of access they have
- Malware Protection: Identify and immobilise viruses or other malicious software before it has a chance to cause harm
- Security Update Management: Prevent cyber criminals using vulnerabilities they find in software as an access point to your systems
(Source: National Cyber Security Centre)
How to achieve Cyber Essentials:
Self-Assessment:
The first step towards achieving the Cyber Essentials certification is to complete a self-assessment questionnaire, covering the basic security measures outlined by the Cyber Essentials framework.
You will be required to answer questions about your organisation’s current security practices, for example, how your firewalls are set up, whether you have malware protection in place, and how you manage user access.
Once completed, the questionnaire is submitted for review. When everything is in order, you will receive your certification.
How to achieve Cyber Essentials Plus:
It’s essential that you first acquire the Cyber Essentials certification.
Then, within 90 days of obtaining Cyber Essentials, you will undertake an independent assessment by an accredited certification body, which involves comprehensive tests of your systems using various tools and techniques.
If any issues are identified during the assessment, you will be required to address them to meet the required standards before the final verification, which confirms that all necessary measures are in place and that your systems meet the standards to be awarded the Cyber Essentials Plus certification.
How long do Cyber Essentials and Cyber Essentials Plus last?
Both certifications are valid for 12 months from the date achieved.
After a year, you will need to renew the certification by completing the self-assessment for Cyber Essentials or re-submitting for Cyber Essentials Plus.
Benefits of Cyber Essentials:
- Reduced risk of cyber attack
- Increased customer confidence
- Improved business reputation
- Ability to bid for government tenders
The benefits of Cyber Essentials are discussed in more detail in our dedicated insight post.
Cyber Essentials is an easy-to-understand but essential standard that helps protect businesses of all sizes against the most common cyber threats.
Taking steps to achieve certification shows your customers, employees and stakeholders that you take cybersecurity seriously.
If you would like to discuss your organisation’s cyber security, or would like some more information regarding Cyber Essentials, please don’t hesitate to contact Data Installation & Supplies (DIS) on 01274 869 099.