The Cyber Essentials scheme is a fantastic way to improve your cyber security defences while assuring your customers and partners that you take cyber security seriously. Level 1 of the Cyber Essentials standard consists of a self-assessment in which you’ll confirm that your organisation has all the appropriate controls in place. An organisation has two options: it can either complete the self-assessment internally or work with an experienced certification body throughout the process.
With Level 2, which is Cyber Essentials Plus, unlike with the self-assessment version, a certification body must perform an audit to check that you’ve successfully met all five technical controls. The specifications needing to be met can raise many unknown questions regarding your organisation’s current security health. However, by opting for the audited Cyber Essentials standard, you can feel confident as a cyber security focused company will support you throughout the process and verify your answers.
Certification Benefits
-
Opportunity to bid for government contracts and other projects that require Cyber Essentials
-
Be added to the online Cyber Essentials directory
-
Better understanding of your scope and how to further develop your cyber security strategy
-
Reduce insurance premiums as some providers now ask if you are Cyber Essentials Certified
-
Eliminate low hanging fruits to minimise the risk of attack
-
Increase your credibility by showing partners and customers that you take security seriously
-
Opportunity to bid for government contracts and other projects that require Cyber Essentials
-
Be added to the online Cyber Essentials directory
-
Better understanding of your scope and how to further develop your cyber security strategy
-
Reduce insurance premiums as some providers now ask if you are Cyber Essentials Certified
-
Eliminate low hanging fruits to minimise the risk of attack
-
Increase your credibility by showing partners and customers that you take security seriously
Why Data Connect?
With the help of the Data Connect team, you can rest assured that the certification process will be transparent and smooth.
- A cyber security focused company offering end-to-end services
- Backed by our Cyber Essentials advisors and powered by dynamic technology
- The chance to talk to our other customers to find out about their experiences
What to Expect
Cyber Essentials is a government-backed scheme that outlines the five technical controls an organisation must have to ensure an effective level of security. The technical controls are firewalls, secure configuration, user access control, malware protection and patch management. The National Cyber Security Centre (NCSC) has assured organisations that, with Cyber Essentials, the most common cyber attacks can be prevented.
As the threat landscape evolves, the technical requirements can be updated by the two governing bodies, the NCSC and IASME, to reflect new security vulnerabilities. An organisation needs to reapply for the Cyber Essentials certification every 12 months, which validates that your current security protocols are effective in the current threat landscape.
Certification Options
UNASSISTED
Some organisations have the internal resources and experience to carry out the self-assessment process confidently and without guidance. If you choose this approach, you can select a trusted certification body to assess your completed questionnaire.
vSOC CERT
The Cyber Essentials Review Toolkit gives you a comprehensive set of tools and ongoing support from our cyber security experts throughout the year. Our technology and consultancy will simplify the certification process and ease your recertification for years to come.
vSOC AIM
At Data Connect, Cyber Essentials is more than ticking a box. We use the certification journey to understand your organisation’s challenges and IT environment, helping you understand the complex nature of current threats and keeping you on track for future compliance recertifications.
Packages
Please answer the following questions and complete the contact form to submit. A member of our team will be in touch shortly.
FAQs
What does the Cyber Essentials Plus audit look like?
The Cyber Essentials Plus audit is an independent verification of the controls to which you will attest to within the Cyber Essentials questionnaire. The auditor will run tests on a sample set of devices for which your end users should be present and should run the tests under the guidance of the assessor. So long as the questionnaire has been answered correctly, your organisation should be able to pass the Cyber Essentials Plus standard.
How long does the certification process take?
This can vary dependant on the organisation. However by working with Data Connect we optimise the certification process by checking your technical controls and sorting out any issues before the Cyber Essentials Plus audit.
For Cyber Essentials, what are the core technical controls?
There are five core technical controls which include secure configurations, security updates, boundary firewalls and internet gateways, access controls and malware protection.
Can we get Cyber Essentials if we aren't based in the UK?
Yes due to Cyber Essentials being an internationally recognised standard. We have helped many international organisations achieve Cyber Essentials. In many cases, these businesses wanted to increase credibility within the UK market.
How do we renew Cyber Essentials?
By working with Data Connect, you can be confident that your organisation is in the right hands. You'll be given a dedicated account manager who will continue to work with you. This means that they will be invested in you and your organisation, checking in and reminding you of future renewal dates.
Additionally, you can subscribe to our vSOC CERT (Cyber Essentials Review Toolkit) service, which allows you to check whether you are Cyber Essentials compliant throughout the year. You will have access to a range of benefits and powerful tools, while streamlining recertification.