Skip to main content
Tel:0330 400 5465

What is Cyber Essentials?

What is Cyber Essentials?

To help combat Cyber Crime the UK Government introduced the industry-backed Cyber Essentials certification scheme.   The scheme was born out of the need for organisations to take cyber security seriously in order to protect themselves after studies found that 85% of cyber attacks could have been prevented by achieving fundamental cyber hygiene. 

There are two standards available: Cyber Essentials and Cyber Essentials PLUS.

CSG offers fully managed support and certification paths for the basic and advanced levels of certification.

Protect your business against cyber attack …

Cybercrime is predicted to cost companies £7 trillion worldwide by 2025 and threats are growing in both number and complexity with many high-profile global attacks frequently making the news.

It’s been reported that half of all businesses have suffered a cyber security breach or attack within the last year, with 1 in 3 stating material loss.  

Figures are likely to be much higher since many attacks go unreported.

The General Data Protection Regulation (GDPR) also means liability for cyber breaches falls on businesses that must ensure their data is adequately protected to meet compliance or risk fines.

Why you need to get certified …

Reduce your risk of cyber attack

Cyber Essentials is estimated to reduce the threat of attack by up to 80%.

Stakeholder assurance

Demonstrate your commitment to protecting your own data, your customers and your suppliers.

Secure more business

Boost your reputation and increase your chances of securing new business – certification is a minimum requirement for UK Defence and Government contracts.

Simple and cost-effective

Cyber Essentials offers a practical and affordable framework to implement and prove good cyber hygiene measures.

Support compliance

Recommended by the Information Commissioner’s Office (ICO), Cyber Essentials will help you comply with GDPR and associated ISO standards, and tie in with the National Cyber Security Centre’s Ten Steps to Cyber Security.

Lower insurance premiums

Organisations with a Cyber Essentials certificate are more likely to enjoy reduced cyber insurance premiums versus those without.

The 5 Key Controls

The Cyber Essentials scheme defines a set of 5 key technical controls that will help safeguard your business from the most common types of cyber threats and demonstrate your commitment to cyber security.

Access Control

Protecting user accounts and restricting access to prevent misuse from unhappy staff or external cyber criminals making changes and accessing data.


Correctly configured firewalls and gateways to protect your internal network against attacks from the Internet by blocking unwanted traffic that could be harmful.

Malware Protection

Up-to-date and managed Anti-virus/malware solutions on all devices to spot and immobilise malware (viruses, worms, spyware, botnet software, ransomware).

Secure configuration & network management

Secure configuration of software and devices to lock any open doors which aren’t required e.g. closing old accounts, removing old software and creating strong passwords.

Updating Software/Patching

Preventing cyber criminals from exploiting software vulnerabilities by applying security patches and automatic updates, and removing unsupported and unlicensed software.

Our 5-Step Certification Process

CSG’s certification process is designed to ensure your success with the Cyber Essentials scheme. Through our initial audit, we’ll identify any shortfalls you may have and resolve them to make sure you’re fully prepared for assessment.


  1. Cyber Essentials Audit

Perform an initial audit covering the 5 key technical controls needed to achieve.

  1. Recommendation Report

Produce a recommendation report identifying any gaps with a plan to rectify major issues certification.

  1. Remedial Action

Complete any remedial work needed e.g. updating software, changing passwords, and removing old accounts.

  1. Complete Assessment

Once fully prepared, complete and submit a questionnaire-based assessment.

  1. Issue Certification

Issue certification once approved

According to the UK Government, Cyber Essentials can help protect organisations from around 80% of the most common cyber attacks.

Become Cyber Essentials Certified with the help of CSG

CSG is experienced with cyber security frameworks and covers the review, alignment and certification process. One of our technical delivery staff members will be on hand to guide you throughout, making sure you’re fully prepared for certification.

We’ll manage your Cyber Essentials certification, conducting a gap analysis and reporting around the 5 critical controls. We will identify any remediation required before assessing to ensure your organisation is ready for certification.

Once you’re ready, one of our fully certified assessors will complete and submit your response and issue the certification.

If you feel you’re ready to take Cyber Security seriously and need the peace of mind that the Cyber Essentials certification process brings you, then please read more or book here, or if you have any questions on the process and what it may mean for your business, contact us here!

Contact us to start the process of getting Cyber Essentials Certified!

Related Content

27 Oct

Legacy Cyber Security Controls Aren't Enough ...

05 Oct

Benefits of a Cyber Security Risk Assessment

07 Feb

Cyber Security – What are the Risks