CYBER ESSENTIALS for your Business

We help businesses achieve Cyber Essentials and Cyber Essentials Plus certification.

Why you need Cyber Essentials

Cyber Essentials is a government backed and industry supported certification for businesses run by National Cyber Security Centre (NCSC). Cyber Essentials helps you to guard against the most common cyber threats and demonstrate your commitment to Cyber Security. The stats show that more than 80% of the successful cyber attacks could have been prevented with the basic security controls in place. Cyber Essentials will help you with exactly that.

10 Steps to Cyber Security

Download this free guide too help you get started.

The scheme provides an accessible way for companies and organisations of all sizes to demonstrate their commitment to cybersecurity through a recognised and government-backed standard.

​What is involved in achieving Cyber Essentials Certification?

There are two types of Certifications. Cyber Essentials and Cyber Essentials Plus. They both start with a questionnaire. The following areas are assessed in both levels.

1. Firewall Security

A firewall should be in place between the Internet and your organisation’s internal network. This firewall should be securely configured and be reviewed regularly.

2. Secure Configuration

Devices and software should be configured securely to prevent them from being compromised by a malicious user or malware. Default passwords should be changed, and all passwords should be suitably complex to prevent them from being guessed. All unnecessary software should be removed from end-user devices.

3. User Access Control

Access to your organisation’s data should be controlled through correctly assigned user accounts. Administration privileges should be tightly controlled, and administrative rights should only be granted to users who have a genuine, business need for this level of access.

4. Malware Protection

A robust anti-malware solution should be applied to prevent servers and end-user devices from being infected with malicious software. Cyber Essentials allows this to be achieved through conventional anti-virus software, application white-listing or by running applications in “sandboxed” environments.

5. Patch Management

All security updates and patches should be applied to devices and installed software. This ensures that security vulnerabilities are fixed and reduces the likelihood of devices and applications being compromised by a malicious user or malware.

Cyber Essentials Certification

The Cyber Essentials Level 1 is a self-assessment certification that combines the security questionnaire and an external vulnerability scan of Internet facing systems for your organisation. There is no onsite visit for Level 1.

Cyber Essentials Plus Certification

Cyber Essentials Plus combines a self-assessment security questionnaire, an external vulnerability scan of Internet facing systems as well as authenticated vulnerability scans of your internal workstations and mobile devices. We will review the self-assessment questionnaire and external vulnerability assessment results, then arrange an onsite visit to test your internal workstations and mobile devices. If all elements of testing pass you will be issued a Cyber Essentials Plus certificate and can use the certified badge.

Cyber Essentials Vs Cyber Essentials Plus

Why do you need TechForce?

TheTechForce is an Approved Cyber Essentials Practitioner (ACE Practitioner). We are approved consultants to help your business go through the Certification process and achieve your goals.

We can take you through the whole process. From filling in your application to get the Scottish Enterprise grant (for eligible businesses), helping you understand and implement the cyber security requirements through to filling in the answers for your Cyber Essentials application.

TheTechForce will conduct the Cyber Essentials gap analysis and help you implement the missing controls. We will make sure your systems are configured properly before you go through the certification. After all, the whole point of Cyber Essentials is to identify the fundamental security controls that organisations should have in place to secure themselves against common cyber threats.

What you need to know about Cyber Essentials

Here is a quick guide to everything you need to know about Cyber Essentials


Ready to go ahead

Awesome. We would love to help you get there. Whether it's Cyber Essentials Level 1 or Cyber Essentials Plus we will hold your hand throughout the whole process and make sure you achieve your goals.


Related Articles

Need help getting your Cyber Essentials Certification?

We're here to help, feel free to give us a call and discuss how we can make the process as smooth as possible for you.

Back to start