APMG Cyber Essentials is the quickest and most secure way to get certified
ONLY £300 (+Vat)
Cyber Essentials is an industry supported certification scheme developed by the UK Government. The certification scheme provides criteria for organizations to measure their cyber-security systems. Achieving certification in Cyber Essentials therefore provides confidence and reassurance that the certified organization has covered the essential cyber security precautions.
Do I need to get a Cyber Essentials certification?
The government's Cyber Essentials page states: "Cyber criminals don’t just attack banks and large companies - they target any organisation which isn’t properly protected, even small businesses - like yours". Information on their government contract procurement page highlights that "Cyber Essentials is for all organisations of all sizes, and in all sectors. We are making the scheme mandatory for central government contracts advertised after 1 October 2014 which involve handling personal information and providing certain ICT products and services".
Why was Cyber Essentials introduced?
The cyber space climate is such that instances of cyber security breaches are becoming increasingly frequent. Many organizations are making the wise move of implementing controls such as ISO27001 - but such efforts only constitute a single aspect of an over-arching cyber security strategy.
Cyber Essentials has been developed to address the need for government and wider industry to ensure that their partners and suppliers are implementing a standard level of cyber security. Certification in Cyber Essentials not only instils confidence in the organization achieving certification – but allows the organization to provide evidence to its customers and stakeholders that their assets and data are resilient against cyber threats.
Which controls does Cyber Essentials cover?
Cyber Essentials covers five key controls:
• Boundary firewalls and internet gateways – prevention of unauthorized access
• Secure configuration – ensures secure system configuration
• Access Control – ensures appropriate access to systems
• Malware protection – installation and maintenance of virus and malware protection
• Patch management – application of patches and ensuring the latest version of applications is used
What levels of Cyber Essentials are available?
There are two levels of Cyber Essentials certification available, the standard Cyber Essentials certification and Cyber Essentials Plus.
Cyber Essentials certification will provide a basic level of confidence that an organization has implemented cyber security controls effectively.
Cyber Essentials Plus builds on the Cyber Essentials foundations. Certification at this level tests whether the organization’s implemented controls are sufficient to protect against internet based threats. Achieving Cyber Essentials Plus certification is more challenging than achieving the standard Cyber Essentials certification, and includes a pen test to provide a higher level of assurance that the organization’s cyber assets are secure. Certification is valid for 12 months.
The standard Cyber Essentials certification must already be held in order to apply for Cyber Essentials Plus certification.
What are the benefits of Cyber Essentials certification?
• Provides cost-effective, basic cyber security for organizations of all sizes
• Demonstrates that an organization meets one of the eligibility requirements when bidding for UK Government contracts
• Can reduce the risk of prevalent cyber-attacks on an organization
• Differentiate yourself from your competitors by demonstrating that you take cyber security seriously
The Defence Cyber Protection Partnership (DCPP) advocates Cyber Essentials as the first or four levels of Cyber risk. To cover all four levels, read about our Cyber Defence Capability Assessment Tool (CDCAT) which covers the Cyber risk level to 'high'.
- How do I get a Cyber Essentials badge for my organisation? Updated: 01/11/2017
- How long does the certification last for? Updated: 01/11/2017
- How do I know what will be in scope for my cyber essentials assessment? Updated: 26/02/2016
- Who needs to complete the online CE Application? Updated: 01/11/2017
- Who needs to authorise the completion of the questionnaire? Updated: 26/02/2016
- Who should be on the telephone interview to review the questionnaire? Updated: 26/02/2016
- Will Cyber Essentials stop me getting hacked? Updated: 26/02/2016
- I do not operate my own ISP / have a server, just a laptop / desktop. Is Cyber Essentials suitable for me? Updated: 26/02/2016
- Will the certification body help me fix any issues or prepare for the Cyber Essentials assessments? Updated: 04/12/2016
- How long will it take me to complete my Certification?
Why choose apmg
- APMG services focus on high-quality.
- APMG is accredited by the United Kingdom Accreditation Service (UKAS).
- APMG has heritage in the cyber security field.
- APMG is the only certification body providing GCHQ Certified Training assessments.
Interested in becoming a certification body?
We’re looking for new partners!
APMG Certification Bodies (CBs) are directly responsible for independently verifying and assessing organisations’ cyber security controls so that they meet the requirements of the Cyber Essential scheme.
As a Certification Body your organisation will be responsible for assessing all organisations who wish to meet the criteria of the Cyber Essentials scheme through our new online portal.
If you require further assistance on becoming a Certification Body, then please contact us.