Cyber Essentials

Support.

Cyber Essentials

From £320

Show you’re serious about cyber security and prevent security incidents by achieving Cyber Essentials with CyberLab.

Cyber Essentials is a government-backed initiative to help businesses just like yours to protect against the most common cyber threats.

Originally launched in 2014, over 120,000 certificates have since been awarded to businesses of all sizes across the country.

As an IASME approved assessor for the Cyber Essentials and Cyber Essentials Plus, we offer a range of options depending on your requirements and technical ability. 

cyber essentials
cyber essentials
cyber essentials plus
crc trusted partner
crown commercial service supplier

Get Cyber Essentials Certified

Formalise Your Security Icon

Formalise Your Security

You will gain a clear picture of your current cyber security posture, with every important process and policy formally documented to ensure business continuity.

Win More Business Icon

Win More Business

A Cyber Essentials qualification opens doors to the public sector. Since 2014, Cyber Essentials has been a requirement for contracts that deal with personal data, with the MOD following suit in 2016.

Free Cyber Insurance Icon

Cyber Liability Insurance

If your turnover is below £20m, your certification comes with Cyber Liability Insurance, complete with 24hr helpline, and incident response worth up to £25,000.

Set Yourself Apart Icon

Set Yourself
Apart

Whoever your customers are, a Cyber Essentials qualification will let them know that cyber security is a priority for your business.

Engage Employees Icon

Employee Engagement

Improve security awareness within your business, educating your people on the importance of cyber security and on how to minimise threats.

Peace of Mind Icon

Peace of
Mind

Rest easy in the knowledge that you have secured your systems and applications against 80% of cyber attacks and focus on what matters the most.

cyber essentials
cyberlab-trustpilot-5-star

How Much Does a Cyber Essentials Certification Cost?

Prices for Cyber Essentials certifications start from just £320.

Prices can vary depending on the size of your organisation, and the level of support that you would like from us.

We can offer the certification by itself, alongside a pre-assessment check, or with additional remote support from our team of experts.

We are transparent about our pricing, which we keep in-line with the NCSC recommendations.

NHS Trust Secures Cyber Essentials Accreditation with CyberLab

When an NHS Trust aimed to achieve Cyber Essentials accreditation, ensuring the security of their Microsoft 365 environment was paramount. They turned to CyberLab for an independent security assessment – backed by a history of successful collaboration and proven expertise.

Discover how CyberLab’s tailored approach helped this NHS Trust strengthen its cyber defences and achieve the coveted Cyber Essentials certification.

The Process: Five Technical Controls

The Cyber Essentials scheme addresses five key controls that, when implemented correctly, can prevent around 80% of cyber attacks:

Creating a buffer between your network and external networks, a firewall protects your network by analysing incoming traffic to identify whether access to your network should be granted.

Cyber Essentials requirement – A firewall must be configured and used on all devices, particularly those connected to public or untrusted Wi-Fi networks.

Default configurations often make it as easy as possible to connect and use, which can create vulnerabilities if left unchanged. Settings should be checked, disabling, or removing unnecessary functions, while default passwords should be updated before deployment. Two-factor authentication should be used for data sensitive accounts.

Cyber Essentials requirement – Only necessary software, accounts and applications are used.

In allowing access to those — and only those — accounts (software, settings, services, and functions) that your people need in their specific job role, the risk of potential damage can be minimised.

Cyber Essentials requirement – Access to your data must be controlled through user accounts, with controlled administration level privileges given only to your people who specifically need them.

Malware — including ransomware and viruses — can come from a range of sources, including infected email attachments or USB memory sticks. Anti-malware measures are included within most operating systems. Malware can be introduced to a network when a rogue application is downloaded, so whitelisting – only giving users the ability to run applications authorised by the administrator – offers good protection. Sandboxing – running an application in an environment with restricted access to the rest of your devices and network – helps to keep your data beyond the reach of malware.

Cyber Essentials requirement – At least one approach, anti-malware measures, whitelisting or sandboxing must be implemented.

Operating systems and applications become vulnerable if they are not up kept to date. To keep patches up to date, your systems and applications should be set to “automatically update” where possible. When no longer supported, systems and applications should be replaced.

Cyber Essentials requirement – Devices, software and apps must be kept up to date.

cyber essentials

Download Cyber Essentials Checklist

We’ve put together a checklist to get you through the Cyber Essentials certification.

How Do We Achieve Accreditation?

As an IASME approved assessor, CyberLab is not only authorised to assess against the scheme, but also able to support your organisation to achieve certification.

Not only are we authorised Cyber Essentials assessors, we are also able to provide bespoke consultancy services to assist your team in meeting and maintaining the high standard of security required.

With our expert advice, you’ll pass first time.

Frequently Asked Questions

  • According to the UK government, achieving Cyber Essentials means your organisation is protected your organisation from approximately 80% of cyber-attacks.
  • Cyber Essentials certifications demonstrate that you are committed to cyber security and data protection to customers and stakeholders.
  • Improves your organisation’s reputation and increases your chance of securing new business by showing you have robust cyber security measures in place.
  • Enables you to bid for and win UK government contracts.
  • Gives you the peace of mind to focus on your business objectives, knowing your systems are secure.
24hr helpline to report a cyber incident, which will provide crisis management and incident response to the total liability limit of £25,000.

For Certifications after 01 October 2023 the cover will be underwritten by American International Group UK Limited and continued to be administered via Sutcliffe & Co Insurance Brokers.

Please see Terms and Conditions.
The Cabinet Office’s note to Procurement Officers requires that:

Any of the following characteristics will necessitate the requirements prescribed by Cyber Essentials:

i) Where personal information of citizens, such as home addresses, bank details, or payment information is handled by a supplier.

ii) Where personal information of Government employees, Ministers and Special Advisors such as payroll, travel booking or expenses information is handled by a supplier.

iii) Where ICT systems and services are supplied which are designed to store, or process, data at the OFFICIAL level of the Government Protective Marking scheme.

Any company using unsupported or out-of-date software in the scope of the assessment, such as Microsoft 7, will probably fail to achieve Cyber Essentials certification.

The questionnaire requires answers to all questions – most of these questions will require brief notes to enable us to understand your company and the information security controls that you have in place. By providing full details in the questionnaire you will reduce the time required for certification as we will have all the information we need up front.

Once you have completed the self-assessment questions on the online portal we aim to turnaround all assessments within 24 hours.

We will get in touch ahead of your expiry date outlining the steps involved in order to work through your renewal.

You need to get nearly all the questions right (compliant) to pass the Cyber Essentials assessment. You need to be controlling all these aspects of your system to be certified.

This very strict pass criteria is set by the UK Government.

If you are not compliant in some of the questions we suggest you try and change your processes to meet the requirement and add notes to explain why you are not compliant in this aspect, and how you control that risk.

Speak With an Expert

Enter your details and one of our specialists will be in touch.

Whether you’re looking to implement basic cyber security best practice, improve your existing defences, or introduce a new system or solution, our team of expert consultants, engineers, and ethical hackers are here to help.

Our team specialise in creating bespoke security solutions and testing packages to improve and maintain your security posture.

We are 100% vendor agnostic and will only ever recommend the best products and solutions for your requirements.

If you like this, then take a look at…

Cyber Essentials Plus
Everything you need to know about Cyber Essentials Plus
 
NHS Trust gets Cyber Essentials Accreditation with CyberLab
Cyber Security Essentials for Websites and Applications
 
Cyber Essentials Plus & Patch Management Webinar with Vicarius