Cyber essentials security standard

2 min read.

News Article
4 October 2020
What is Cyber Essentials certification? Cyber Essentials has been developed as part of the UK’s National Cyber Security Framework set up by HM Government and is supported by approved industry specialists to implement effectively. The Cyber Essentials Certification was set up to provide guidelines as to the minimum requirements for maintaining Cyber Security standards in UK organisations.

Do you need to become certified? If you work within an industry that deals with confidential data – such as legal, education or professional services – you have a duty of care to ensure you have taken the necessary actions to secure your data from a cyber-attack. The Cyber Essentials certification is the most effective solution for achieving recommended security compliance, having shown to reduce security risk by 80% in organisations who are accredited.

Now seen as the recognised government standard for Cyber Security, many procurement departments consider this a mandatory requirement – and will only work with service providers who have the Cyber Essentials kite mark, particularly if data confidentiality is at risk.

Reasons to gain certification

  1. Certification is a mandatory requirement from many procurement teams

  2. The simple & basic controls will reduce your security risk by 80%

  3. You can qualify for up to £25,000 cyber-liability insurance should a data breach occur

  4. It is very easy, quick and inexpensive to implement

  5. It offers reassurance and trust to clients, investors, insurers and other stakeholders

  6. You can gain strong competitive advantage within your industry

How do you achieve certification?

The process for Cyber Essentials certification is very simple compared to other accreditatons such as the ISO framework and requires little investment. It involves completing a self-assessment questionnaire to review the controls you take to mitigate the risks for common cyber threats, and will assess your IT infrastructure in the following areas:

  • Secure Configuration

  • Boundary Firewalls and Internet Gateways

  • Access Control and Administrative Privileged Management

  • Patch Management

  • Malware Protection

Frequently organisations have everything in place to achieve certification, however the process will identify if there are any areas for concern.

NETprotocol is an approved assessor for the Cyber Essentials Framework and is qualified to assess, advise and certify your business today. We also offer remediation services to ensure you are in the best position to achieve certification.

To view the self assessment questionnaire or gain more information on prices, please click below or contact us direct on 0330 055 3385 or