Cyber Essentials_

The new government cyber security standard. As official assessors, we can get you certified quickly and easily.

Speak to an Expert

What is Cyber Essentials?

Cyber Essentials is a Government-backed and industry supported scheme that helps businesses to protect themselves against the ever growing threat of cyber attacks, and gives you certification so you can show your business partners, customers and regulators that you take cyber security seriously. Cyber Essentials is now mandatory in a number of government contracts and is expected to become a prerequisite for a broader range of both public and private sector tenders in the near future. Two levels of accreditation are currently available: Cyber Essentials (self-assessment) and Cyber Essentials PLUS (audited assessment).

Why become Cyber Essentials Certified?

By gaining Cyber Essentials, you can take a pro-active stance against cyber attacks and protect your company’s brand, reputation and profitability. Cyber attacks are becoming a more frequent occurrence for companies of all sizes so it’s a case of when not if you are attacked. The cost of putting your company through the Cyber Essentials accreditation scheme is negligible compared to the cost of a cyber attack. Plus, it puts you in a strong position to gain new business both in the public and private sector.

According to the UK Government, in 2014, 60%* of SMBs experienced a security breach. The same survey has estimated that a severe cyber attack on a SMB costs upwards of £65k.

*UK Gov, The Information Security Breaches Survey – Department of Business, Innovation & Skills

Benefits of Cyber Essentials certification

  • Show commitment to security – Demonstrate to your business partners, regulators and suppliers that you take cyber security seriously.
  • To win public sector work – It is mandatory for government suppliers.
  • Competitive advantage – in comparison to rivals without accreditation.
  • Safeguard commercially sensitive data – Cyber criminals target companies with high value data.
  • Advice from a cyber security consultancy – Gain an expert oversight of your cyber security controls.
  • Gain independently verified accreditation – from cyber security experts.
  • Protect your company’s profits and reputation – by avoiding the financial disaster and negative publicity associated with a cyber attack.
  • Free Cyber liability Insurance Cover – when you pass the assessment and meet the criteria (terms apply).

Why use 2-sec?

We take a bespoke, approach to assessment for each of our clients:

Commitment to understanding your business – We will take adequate time to understand your business, operations and process to accurately scope your Cyber Essentials assessment.

w

Clear communication – Our mission is to ‘simplify security’. We will communicate our recommendations to you in a clear and jargon-free way.

Dedicated Customer Success Manager – We know that you’ll have a lot of questions throughout this accreditation process, so you’ll have direct phone and email contact with your own go-to person.

Multiple assessment routes – We offer a range of methods of certification according to your situation – self-assessment, on-site support or a combination of both.

Industry leading cyber security experts – We have worked with cyber security industry standards long before Cyber Essentials was introduced in 2014, including ISO 27001, PCI DSS, PA-DSS and IASME.

Z

Fully accredited – At both a corporate and an individual level including CREST, QSA, PCI DSS, PA-QSA, CE+, IASME, CHECK, CISSP, CISA, CISM, SANS-GIAC and CEH.

How it works

Cyber Essentials focuses on a set of five controls which when properly implemented will provide you with basic protection from common cyber security threats. These controls apply to a defined scope, which could your whole company, or part of your company depending on your needs. The five controls are as follows:

Boundary firewalls and internet gateways

These devices are designed to prevent unauthorised access to or from private networks.

Secure configuration

Ensuring that systems are configured in the most secure way for the needs of the organisation.

Access control

Ensuring only those who should have access to systems to have access and at the appropriate level.

Malware protection

Ensuring that virus and malware protection is installed and is it up to date.

Patch management

Ensuring the latest supported version of applications is used and all the necessary patches supplied by the vendor been applied.

Accreditation Options

2-sec offer a range of certification options, from a self-assessment for Cyber Essentials through to a more in-depth audited assessment designed for businesses who want to attain the more rigorous Cyber Essentials PLUS qualification. 2-sec are approved certifying bodies under both CREST and IASME schemes.

Cyber Essentials

  • Pre-assessment scoping call.
  • You answer a series of questions.
  • We remotely verify your answers and seek clarity where needed.
  • We conduct an external vulnerability scan of your systems.
  • We verify compliance status of any third parties you use.
  • Interim report issued.
  • All remediation points must be addressed, within 4 week window.
  • We issue Cyber Essentials report and certification (if applicable).
  • We also provide telephone and email support and access to the 2-sec Cyber Essentials knowledge base.

Cyber Essentials PLUS

  • Successfully complete Cyber Essentials.
  • Pre-assessment scoping call.
  • We carry out a thorough onsite audit of your security controls.
  • We conduct an internal vulnerability scan of your systems.
  • Interim report issued.
  • All remediation points must be addressed, within 4 week window.
  • We will issue a report and Cyber Essentials PLUS certification (if applicable).
  • We also provide telephone and email support and access to the 2-sec Cyber Essentials PLUS knowledge base.

Uncertain which Cyber Essentials accreditation you need?

Contact us and we can help you

Your Name (required)

Company Name (required)

Contact Number

Your Email (required)

Your Message

Or call us on: 0844 502 2066

For more information

There is a wide variety of Cyber Essentials information produced by the UK government, here are the key guides:

Cyber Essentials Summary (UK Gov)     |     Cyber Essentials – Official Website