The Cyber Essentials Scheme

What is the Cyber Essentials scheme?

The Cyber Essentials scheme is a UK government-backed framework supported by the NCSC (National Cyber Security Centre). It sets out five basic security controls that can protect organisations against 80% of common cyber-attacks.

The scheme is designed to help organisations of any size demonstrate their commitment to cyber security – while keeping the approach simple and the costs low.

The certification process is managed by the IASME Consortium (IASME), which licenses certification bodies to carry out Cyber Essentials and Cyber Essentials Plus certifications.

Why get certified?

What are the benefits of Cyber Essentials?

By correctly implementing the five basic security controls, the Cyber Essentials scheme will help you reduce the impact of such threats as:

– Phishing attacks
– Malware
– Ransomware
– Password-guessing attacks
– Network attacks

Demonstrate supply chain security

Achieving Cyber Essentials certification will help you demonstrate your commitment to data protection and cyber security.

Win new business

Boost your reputation and attract new business by assuring customers you take cyber security seriously and have cyber security measures in place.

Work with the local and national government and the MOD

Cyber Essentials will permit you to work with the UK government and Cyber Essentials Plus will allow you to work with the MOD. Essentially, excuse the pun, if you want to win business paid for from the public purse, you must have Cyber Essentials as a minimum.

Be listed on the NCSC’s database

Cyber Essentials certificates issued in the previous 12 months will be displayed on the NCSC website. This shows suppliers your commitment to protecting your and your customers’ data.

The NCSC (National Cyber Security Centre) has reviewed what influence Cyber Essentials has on cyber security attitudes and behaviours. It found:

93% of certified organisations are confident that they are protected against common, Internet-based cyber-attack.
61% of certified organisations say they are more likely to choose suppliers with Cyber Essentials or Cyber Essentials Plus certification; and
Certified organisations are better prepared for cyber-attacks, as they implement more security controls and are aware of the risks.