Cyber Essentials is a UK government-backed certification scheme that demonstrates your business has implemented five fundamental technical controls to protect against the most common cyber attacks. It’s become a baseline security standard that many organisations now require from their suppliers.
The scheme covers five key areas: secure configuration (ensuring systems are set up securely), boundary firewalls and internet gateways (protecting your network perimeter), access control and administrative privilege management (limiting who can access what), patch management (keeping software updated), and malware protection (defending against viruses and ransomware).
There are two levels: Cyber Essentials (a self-assessed questionnaire verified by an external certifying body) and Cyber Essentials Plus (includes hands-on technical verification by qualified assessors who actively test your systems). Both certifications last 12 months and must be renewed annually.
For UK businesses, Cyber Essentials offers several important benefits: it’s mandatory for government contracts over £5 million that involve handling sensitive information, is increasingly demanded by larger private sector clients as a supply chain security requirement, can reduce cyber insurance premiums, demonstrates due diligence in protecting data, and helps meet GDPR’s requirement to implement appropriate technical measures.
Whilst Cyber Essentials focuses on technical basics, it’s remarkably effective – the National Cyber Security Centre (NCSC) estimates it prevents around 80% of common cyber attacks. However, it’s designed as a baseline, not comprehensive security, so you may need additional measures depending on your risk profile and sector.
GoodChoice IT helps London and Surrey businesses achieve Cyber Essentials and Cyber Essentials Plus certification. We assess your current security posture, implement necessary technical controls (firewalls, antivirus, patching, access controls), complete the self-assessment questionnaire, and prepare you for the external verification process. We also provide ongoing support to maintain compliance and renew certification annually.