Question 1

How much does Cyber Essentials cost?

Accepted Answer

There are two levels of Cyber Essentials certification. The cost of Cyber Essentials (verified self-assessment)  depends on the size of the organisation.  Pricing is below: 0-9 Employees (Micro):  £300 Excl. VAT 10-49 Employees (Small):  £400 Excl. VAT 50-249 Employees (Medium):  £450 Excl. VAT 250+ Employees (Large):  £500 Excl. VAT  The cost of a Cyber Essentials Plus assessment will depend on both the size and complexity of your network(s).

Question 2

How much does Cyber Essentials Plus cost?

Accepted Answer

Cyber Essentials Plus involves a technical audit of the systems that are in-scope for Cyber Essentials certification.  This includes: A representative set of user devices All internet gateways All servers with services accessible to unauthenticated internet users. The cost of a Cyber Essentials Plus assessment will depend on the size and complexity of your network(s).  For an estimate or quote, please get in touch via our Contact page.

Question 3

What are the requirements of the Cyber Essentials scheme?

Accepted Answer

Cyber Essentials focuses on five technical control themes: Firewalls Secure Configuration User Access Control Malware Protection Patch Management The Cyber Essentials requirements document document and the Cyber Essentials Plus illustrative technical specification (for Cyber Essentials Plus) can both be found here

Question 4

Do Cyber Essentials certificates expire?

Accepted Answer

All new certificates issued will have a 12-month expiry date. The UK government recommends that you renew your certification at least annually. Companies are removed from the ‘certified organisations’ list if they have not been certified within the past 12 months.   Any company we support through certification will be notified at least one month ahead of expiry.

Question 5

Do I need Cyber Essentials to bid for Government contracts?

Accepted Answer

Government contracts are likely to require you to be Cyber Essentials certified or to be able to demonstrate that the technical controls are in place.  It is advised you firstly confirm with the Government department their expectations with regards to Cyber Essentials certification.   Requirements and exemptions may vary between department, so it is important that you are able to seek clarification for each contract.

Question 6

Are personal or Bring Your Own Device (BYOD) included in the scope of Cyber Essentials?

Accepted Answer

Any device that is used to connect to the business network or access any business applications or services is included in the scope for Cyber Essentials.  For example, if you use mobile phones to view work emails.  These devices also need to meet the requirements of the scheme: A secure lock / pin on the mobile device  Malware protection Phones cannot be jailbroken / rooted Updates must be applied within 14 days of release

Question 7

Where can I find additional help and advice?

Accepted Answer

Right here!  Just get in Contact with us and we will be more than happy to assist you on your Cyber Essentials journey.

What is Cyber Essentials?

Why get Certified?