Cyber Essentials – it’s simple, accessible to all and protects against 80% of common threats

Cyber Essentials – simple to implement, accessible to all and helps to protect companies from 80% of common threats from only £300.


The Government backed scheme Cyber Essentials is designed to offer a solid foundation of basic hygiene measures that all types of organisations can implement and potentially build upon. It is a great starting point for all companies to use to ensure the basics are done.  It was developed within the context of the Government’s 10 Steps to cyber security.

“It provides a clear statement of the basic controls all organisations should implement to mitigate the risk from common internet based threats” HM Government Cyber Essentials scheme

Cyber Essentials is mandated by some Government agencies to provide a level of third party assurance for their suppliers.

Five Controls

The simplicity of the scheme is that an organisation can download a questionnaire which will highlight the key five controls they need to have implemented to ensure that the basics are covered. These are summarised under the following headings:
  1. Boundary firewalls and internet
  2. Secure configuration
  3. Access control
  4. Malware protection
  5. Patch management

Following the questionnaire, and reviewing these five controls, enables organisations to effectively carry out their own gap analysis to ensure they are doing the basics. Unlike PCI compliance and ISO27001, Cyber Essentials does not require an auditor to visit site, it is effectively a self assessment, which is then verified by a Cyber Essentials Certification Body, such as Securious.

Certification BodyOften Securious will further clarify answers on the questionnaire to satisfy ourselves that the requirements have been met. Our aim is to ensure that all organisations have protected themselves, therefore we may ask for further details about your controls, particularly if the answer to a question is a simple ‘Yes’ or ‘No’.

We are happy to help explain the intent of questions for you and provide you with further information if you are not sure whether you have met the requirements or not.

Registered under Cyber Essentials Certification Scheme?

Certification bodies, other than those registered under Crest, have to achieve the Cyber Essentials Certificate Cyber Essentialsthemselves and can use this logo.

Only organisations that been certified under this scheme are able to use the logo such as the one on the Securious certificate This shows organisations that we have taken the necessary steps to certify under the Cyber Essentials scheme and take our own cyber security seriously.

How much will it cost?

The verified self assessment will cost £300. If you need more help it will cost more depending on the level of assistance you need.

Securious is ideally positioned to assist you, our staff include qualified Certified Information Systems Security specialists who are also experienced in the requirements of the scheme.

We would like to emphasise that meeting the requirements of the scheme can often be achieved without having to sign up to several days of consultancy. Ideally a quick, no obligation, chat will identify your needs and then we can give you an honest answer about the scope of work and your requirements.

We don’t want to sell you days of consultancy that you don’t need, we want to find solutions that meet your needs and protect your organisation.

If we help you implement solutions we will not certify our own work but will ask an external Certification Body to verify the questionnaire for you.

Cyber Essentials Plus

Cyber Essentials Plus offers a higher level of assurance and involves the external testing of the organisation’s cyber security approach.  This involves a site visit and an internal and external vulnerability scan and will help give you, and your customers greater assurance.  Cyber Essentials Plus will require more resource and therefore the cost will depend on the scope of the work, a no obligation chat with us will help to determine your requirements. Securious are able to carry out the necessary penetration testing (vulnerability scans) and have qualified staff in order to do this.

Securious prides itself on ensuring that you have access to highly experienced and qualified staff who are passionate about reducing cyber vulnerabilities and making your organisation secure.

To find out more about the scheme, see our Cyber Essentials page or call us for a no obligation chat on 01837 871247

 Securious is a cyber security compliance company based in Devon serving businesses and organisations across the South West and beyond. We offer rapid Cyber Essentials certification, ISO 27001 Compliance and PCI DSS Compliance as well as PEN testing (penetration testing) and cyber security consultancy.