Cyber Essentials is a series of self-assessment questions that when answered will highlight and provide visibility of areas of cyber risk your business is exposed too. This allows you to make changes and become a Cyber essentials certified business. ​ You work through all the questions which are then assessed by the awarding body and you will pass or fail. We have supported services (https://www.getcybercertified.co.uk/product-page/cyber-essentials-supported)which come with assistance and pre checking of your answers before marking. We haven't had a client who's taken our supported service and followed our advice who has failed and we've marked thousands of assessments. Or if you know you will pass we also have a marking only service (https://www.getcybercertified.co.uk/product-page/cyber-essentials-marking-only)which is simply that, we mark your submission and if its compliant we issue your certificate. No fuss, no support, no turnaround SLA's, just a submission marking. ​ The basic level of Cyber Essentials (CE) does not require any vulnerability or third-party testing like the higher Cyber Essentials Plus certification which required an audit of your answers.

We live in a world where cyber-attacks are now a lucrative business model and used by criminals and states. This is partly due to speed of growth and our increasing reliance on connected technologies, both personally and professionally. ​ The risks keep on growing and each year Cyber-attacks have consistently grown around 40%. With attacks becoming more sophisticated the need for businesses to invest and take cyber security seriously has never been greater, and the repercussion for getting it wrong huge. ​ It was to help address this situation that the National Cyber Security Centre (https://www.ncsc.gov.uk/)(NCSC) and leading experts created a security standard that businesses could apply to help protect themselves. The result was ‘Cyber Essentials’ a certification that helps businesses to understand and deliver the right security in the right areas and even helps to protect against 80% of common cyber threats.

This is one of the most common questions and include: Are home user devices included? What about Microsoft 365? My company accesses a remote desktop environment so are the PC's and laptops still in scope? What about staff's personal phones? Basically, any devices used to access (and not necessarily store) company data is in scope. That's a very simple way of describing it and the UK Governments NCSC change the framework from time to time. If you would like to check what's covered in the Cyber Essentials assessment you can download the governments Requirements for IT Infrastructure document here.(https://www.ncsc.gov.uk/cyberessentials/resources) The NCSC sometimes change the link so if you cant download the document please let us know.