CCN Logo

What is the Cyber Essentials scheme?

Cyber Essentials is a UK government scheme supported by the
NCSC (National Cyber Security Centre) sets out five basic security
controls that can protect organisations against 80% of common
cyber attacks.

The scheme is designed to help organisations of any size
demonstrate their commitment to cyber security – while keeping the
approach simple and the costs low.

The Cyber Essentials certification process is managed by the
IASME Consortium (IASME), which licenses certification bodies to
carry out Cyber Essentials and Cyber Essentials Plus certifications.

CCN Limited are registered partners with the licenced certification body IT Governance and will guide you through the process and guarantee certification.

Why do I need Cyber Essentials?

Prevent around 80% of cyber attacks

Correctly implementing five basic security controls will protect your
organisation against the most common cyber threats.

Demonstrate supply chain security

Achieving Cyber Essentials certification will help you demonstrate
your commitment to data protection and cyber security.

Win new business

Cyber Essentials certification will help boost your reputation and
give you a better chance of winning new business.

Drive business efficiency

You can focus on your core business objectives knowing you are
protected from the most common cyber attacks.

Reduce cyber insurance premiums

Cyber insurance agencies look more favourably on organisations
that have achieved Cyber Essentials certification.

Work with the UK government & MOD

Cyber Essentials will permit you to work with the UK government
and Cyber Essentials Plus will allow you to work with the MOD.

Find Out More

Choose the certification that's right for you:

  • • You are confident defining the scope of your assessment for the entire organisation.
  • • You own and operate your entire IT infrastructure
  • • You are familiar with the five Cyber Essentials controls and how to implement them.
  • • You have previously achieved Cyber Essentials certification and want to renew, and your scope has not changed.
  • • You have a more complex or expansive IT infrastructure.
  • • You can define your scope but have additional questions.
  • • Your network is more cloud based or a shared office environment.
  • • You know how to configure your IT to improve security but will need assistance to fully define the five key controls.
  • Certification can apply to organisation’s full enterprise IT or just a subset. Either way, the scope of the network needs to be clearly defined before the certification process can get underway.

    Please refer to the “certification process stages” section of the Cyber Essentials Guide.

  • As part of the certification process and scope, CCN will carry out a pre-assessment security audit on your network which will include a review of your staff awareness methodology and internal security processes. On completion, you will be advised as to any changes that may be required.

  • Once the organisation has determined its scope and the Audit is complete the next step to certification is to complete a self-assessment questionnaire (SAQ). This comprises 70 questions across 8 sections (including the 5 control areas); all sections must be passed for certification to be awarded.

  • Additional assessment such as internal and external vulnerability scans against the public – facing infrastructure patch levels and system configuration will be carried out along with a security and anti-malware test to ensure the systems are resistant to malicious email attachments and web binaries.

Related Services from CCN

Cyber Security Essentials Certification

Get in touch today to learn more:

Sophos Cyber Security
Cyber Essentials

Other ways CCN can help your business…

Find the right people to take your team to the top with CCN Recruitment.

CCN Recruitment