Cyber Essentials Consultancy Service

About the Cyber Essentials Scheme

“the Government already requires many of its suppliers to hold a Cyber Essentials certificate. We’ll be strengthening this requirement to ensure even more of our contractors take up the scheme.” Minister of State for Digital and Culture March 2017

According to the UK Government, around 80% of cyber attacks could be prevented if businesses put simple cyber security controls in place. In addition, since October 2014 Cyber Essentials has been mandatory for suppliers of Government contracts which involve handling personal information and providing some ICT products and services.

The Cyber Essentials scheme evidences a company’s commitment to cyber security. This certificate demonstrates that the organisation meets government and industry-endorsed criteria to help businesses protect themselves against the most common cyber threats and achieve a certificate providing evidence to existing and prospective clients they have achieved a key standard of cyber security.

The UK Government ‘Cyber Essentials’ scheme has been adopted across supply chains and is an integral part of doing business. It is now mandatory for businesses to comply with ‘Cyber Essentials’ when bidding for certain government contracts.

The take up of the Cyber Essentials scheme by businesses has been exceptional and Insurance companies have recognised that the Cyber Essentials certification is a valued gauge of a mature approach to cyber security while also reducing business risks for stakeholders.

Our Cyber Essentials consultancy services

We support our clients in deciding whether to gain Cyber Essentials or Cyber Essentials Plus.

• Cyber Essentials is the basic certification an organisation needs to implement to be considered for new public sector contracts.
• Cyber Essentials Plus certification requires more robust independent testing to assess the level that Cyber Essentials is integrated into the organisation, conduct an external vulnerability assessment, an internal scan and an on-site review to ensure that your company is protected against basic hacking and phishing attacks.

How do we help you prepare for Cyber Essentials?

We provide information security consulting services to prepare an organisation for its audit on the five main controls of the Cyber Essentials scheme:

Our Cyber Essentials service also includes:-

• Defining the scope for the Cyber Essentials certificate
• Completing the Self-Assessment questionnaire (SAQ)
• Conducting the on-site assessment if Cyber Essentials Plus is the goal
• External Vulnerability scan
• Certification

Cyber Essentials Certification Benefits

If you have a weak approach to cyber security by failing to do the basics, you will experience some form of cyber attack.

As part of your risk management processes, you should be assessing whether you are likely to be the victim of a targeted or un-targeted attack.

• Gaining Cyber Essentials certification enables organisations to demonstrate they are trustworthy and secure when it comes to cyber security.
• Saves time and money as Cyber Essentials can prevent approximately 80% of cyber attacks
• Cyber Essentials Plus gives independent assurance of cyber security controls
• Cyber Essential certificate holders can be considered for Government contracts
• Cyber insurance premiums can be reduced by presenting your Cyber Essentials certificate
• Identify risks and put controls in place to manage or reduce them
• Gain stakeholder and customer trust that your and their data is protected
• Demonstrate compliance and gain status as preferred supplier
• Meet more Government and Client/Customer tender expectations by demonstrating compliance