Managed IT Support icon
Managed IT Support
Managed Cyber Security icon
Managed Cyber Security
Managed Microsoft Cloud icon
Managed Microsoft Cloud
Connectivity icon
Cyber Essentials icon
Cyber Essentials
Backup and DR icon
Backup and DR
Cyber Security

Why your organisation needs Cyber Essentials  

Why your organisation needs Cyber Essentials  

Showcase your security credentials to grow your business 

As the threat of cyber attacks continues to grow, so does the need for robust cyber security measures. Cyber Essentials is a simple but effective government-backed scheme that helps organisations protect themselves against the most common cyber attacks.  

Certification provides a way for businesses to demonstrate their commitment to protecting sensitive data and systems. It is a prerequisite for working on certain contracts, e.g. some government contracts, and a growing number of organisations require that their suppliers be certified. 

But this is not just a hoop to jump through. Cyber Essentials provides a framework that all organisations should follow, whether they feel they need official certification or not, because it improves security and reduces the risk of a breach.  

What is Cyber Essentials? 

Introduced by the UK government in 2014 and updated in 2022, the Cyber Essentials scheme is a recognised baseline for cyber security. Organisations that follow the Cyber Essentials framework are protected against a wide range of common cyber attacks (and, by extension, protected from some of the more targeted in-depth attacks that can follow on from initial breaches). 

According to the government, “Around 80% of cyber attacks could be prevented if businesses put simple security controls in place. The Cyber Essentials scheme shows how to put these controls in place.”  Cyber security boost for UK firms  

Certification gives you reassurance that your defences are effective against these common attacks, and it can also reassure your customers who can search for your certificate on a central database. 

The scheme is managed by the National Cyber Security Centre and comes with two levels – Cyber Essentials and Cyber Essentials Plus.  

Cyber Essentials uses a self-assessment questionnaire, with the answers independently reviewed. 

Cyber Essentials Plus requires an external audit and tests of the relevant systems. 

Both levels cover the same categories of: 

1. Firewalls 

2. Secure configuration 

3. Security update management 

4. User access control 

5. Malware protection 

Cyber Essentials is suitable for all organisations, whatever their size or sector. 

Cyber Essentials certified logo.

Cyber Essentials can help grow your business 

Cyber Essentials was launched with support from bodies including the FSB (Federation of Small Businesses) and the CBI (Confederation of British Industry)

Already the MoD and other government bodies require that their suppliers be Cyber Essentials certified, and a growing number of organisations are making Cyber Essentials a requirement. This gives them some reassurance that their sensitive data is safe with you and that your organisation takes cyber security seriously. A company is only as secure as the weakest link in its supply chain and cybercriminals can break into a system via gaps in a trusted supplier’s security, so demonstrating that you prioritise cybersecurity makes your business more attractive to work with. 

SMI have been a client of HBTech since 2017. Among other things, we help them with their Cyber Essentials Plus accreditation, which is vital to their business. Their client roster includes customers in highly regulated industries who require robust cyber security. Duncan Rodgers, SMI’s ERP & Projects Specialist explains, “Cyber Essentials Plus forms a key component of the wider cyber assurance demanded by SMI’s defence and aerospace customers. The annual accreditation includes testing of systems, protection software and protocols and colleague adherence to IT policies.”  

In some industries, Cyber Essentials certification forms part of the process of achieving quality mark accreditation. For example, law firms wishing to attain Lexcel accreditation should be Cyber Essentials certified.  

ACCA (the Association of Chartered Certified Accountants) has called Cyber Essentials “an essential tool for accountants” and “a minimum baseline of cybersecurity for accounting firms”. 

As well as the obvious benefits to cybersecurity, Cyber Essentials helps compliance with data protection legislation and the GDPR. It helps you to protect the sensitive personal data you hold (e.g. on your customers, suppliers and staff). 

In addition, UK organisations with a turnover under £20m who achieve Cyber Essentials certification are entitled to £25,000 Cyber Liability Insurance cover. 

Even if your customers do not require certification, it builds trust in your organisation and demonstrates a level of professionalism that enhances your reputation. 

A hand typing on a keyboard with cyber security logos floating on the screen.

Make Cyber Essentials part of your business strategy 

We have already helped many organisations make Cyber Essentials part of their business strategy. Even if our customers don’t need certification, we follow the framework as a matter of good practice to provide a level of cyber security. 

For our customers who choose certification, we help with the process and we guide them through the entire journey.  

Our customers have a 100% pass rate. 

We lean on HBTech to not only ensure good ongoing IT health and security but for support of the Cyber Essentials Plus accreditation. HBTech’s facilitation enables the testing to be completed quickly and should any concern arise, they are able to swiftly address and resolve these. I am delighted that we have once again successfully reaccredited”.     Duncan Rodgers, ERP & Projects Specialist, SMI 

If you would like to learn more about Cyber Essentials, or achieve your Cyber Essentials certification, we can help. Please contact us.