Cyber Essentials

What is the Cyber Essentials Scheme?

Cyber Essentials is a government-backed, industry-supported scheme to help organisations protect themselves against common online threats!

Cyber attacks come in many forms but most of them are fairly basic and carried out by relatively unskilled individuals. They’re the digital equivalent of the opportunistic thief checking to see if your car door is unlocked and Cyber Essentials will help to ensure that your data remains locked and impenetrable to hackers and other digital fraudsters.

The full scheme was launched on 5 June, 2014 and it enables organisations to gain one of two Cyber Essentials badges. It is backed by industry including the Federation of Small Businesses, the CBI and a number of insurance organisations, which are offering incentives for businesses. The scheme is suitable for all organisations of any size in any sector.

There are a number of benefits for small businesses that achieve Cyber Essentials certification:

• Your business can promote cyber security as one of its core strengths when dealing with clients, insurers and investors.
• You can bid for public sector contracts and offer robust cyber security protocols as standard when pitching for work.
• You can be listed in the Cyber Essentials directory of certified organisations: www.cyberessentials.ncsc.gov.uk/cert-search.

• Cyber Essentials certication will enable your business to be considered by insurers to be less susceptible to cyberattack. This could be reected in reduced insurance premiums.

• It provides a starting point for compliance with the General Data Protection Regulation and the Data Protection Act 2018, which require businesses to be able to demonstrate that they have taken appropriate measures to protect the security of personal data.

There are two levels of certification:

Cyber Essentials

This self-assessment option gives you protection against a wide variety of the most common cyber attacks. This is important because vulnerability to simple attacks can mark you out as target for more in-depth unwanted attention from cyber criminals and others.

Certification gives you peace of mind that your defences will protect against the vast majority of common cyber attacks simply because these attacks are looking for targets which do not have the Cyber Essentials technical controls in place.

Cyber Essentials shows you how to address those basics and prevent the most common attacks.

Cyber Essentials Plus

Cyber Essentials Plus retains the Cyber Essentials trademark simplicity of approach, and the protections you need to put in place are the same, but for Cyber Essentials Plus a hands-on technical verification is carried out.

Alternatively, you can familiarise yourself with cyber security terminology, gaining enough knowledge to begin securing your IT.

How do I get my business certified?

You can choose any accredited certification body to manage your Cyber Essentials certification. The organisation must be accredited by one of five official Cyber Essentials accreditation bodies that are appointed by the government. For more information, and to view a directory of certification bodies, go to www.cyberessentials.ncsc.gov.uk/getting-certified.