The annually renewable certification scheme consists of five controls that will reduce the impact of common cyber attack approaches by up to 80% and could reduce potentially large-scale damage from one phishing email. A team of experts review the scheme at regular intervals to ensure it stays effective in the ever-evolving threat landscape.
Cyber Essentials works in the format of a verified self-assessment questionnaire. Organisations answer a series of questions that address the scope of the assessment, their employees, devices, and work location. They will also answer questions that address the five core controls: user access control, secure configuration, security update management, firewalls, and malware protection. The answers must be signed off by a board member or equivalent, and are then marked by a qualified Assessor.
Organisations based in the UK with a turnover of less than £20 million that certify their whole organisation to Cyber Essentials get cyber liability insurance included with their certification.
Cyber Essentials Plus starts with the Cyber Essentials questionnaire and, for greater assurance, includes a technical audit of your systems to verify that the Cyber Essentials controls are in place. The audit includes a representative set of user devices, all internet gateways and all servers with services accessible to unauthenticated internet users.
As the Cyber Essentials Plus assessment needs extra time from technical experts, it is more expensive than Cyber Essentials. The cost will depend on the size and complexity of your network. A quote for Cyber Essentials Plus can be applied for via the IASME website; you will be emailed quotes from three different Certification Bodies.
A Cyber Essentials Assessor is a cyber security expert who is trained and qualified to assess Cyber Essentials applications and issue certification. Some Assessors are also qualified to conduct audits for the Cyber Essentials Plus certification. An Assessor must work for a Certification Body.
You can find your nearest Certification Body on the "Find a Certification Body - Cyber Essentials" page.
The Cyber Advisor (Cyber Essentials) scheme offers small and medium-sized organisations in the UK and Crown Dependencies a choice of qualified cyber security experts assured by the National Cyber Security Centre (NCSC). Cyber Advisors are assessed against whether they can understand and communicate with small organisations to give proportionate and sensible cyber security support. Cyber Advisors work for an Assured Service Provider that has met the NCSC's strict quality and security standards.
There is no recommended fixed cost for Cyber Advisors to charge clients. Each job is likely to vary considerably according to your existing security posture and the size and complexity of your IT setup.
You can find more information and a list of registered Cyber Advisors located all around the UK on the IASME website (find a cyber advisor). Contact them directly for advice.
Not ready to certify? Get started by reviewing your business cyber security with the Cyber Essentials Readiness Tool.