fbpx Skip to main content

Cyber Essentials

Elevate Your Cybersecurity with a Government Recognised Certification

Cyber Essentials certification is not just a recommendation; it’s a vital commitment to cyber security, especially for those handling sensitive data or seeking UK government contracts.

Our experienced NCSC-accredited consultants help you meet the standard and beyond to ensure your business stays ahead of emerging threats.

Effortlessly maintain compliance with CSIQ while you focus on growth.

Find Out MoreFind Out More
CSIQ-Compliance-and-Governance-Header

Who is it for?

Safeguarding your business against cyber-attacks is crucial in today’s digital age. Fortunately, the UK government has introduced the Cyber Essentials scheme to help protect you from the most prevalent online threats.

Cyber Essentials reduces your risk by addressing low-skill, high-impact vulnerabilities and demonstrates your commitment to data protection with an industry-recognised standard.

We are proud to be Cyber Essentials Certification Body, and we offer customised and guided solutions to ensure that you quickly meet the certification requirements. Our team will support you throughout the process to give you peace of mind and confidence in your cybersecurity measures.

What's Covered?

Cyber Essentials covers the following:

  • Firewalls and routers
  • Software updates
  • Malware protection
  • Access control
  • Secure configuration
  • Cloud Services
csiq-square-with-circuit-cut-out
CSIQ-Cyber-essentials-who

Cyber Essentials Plans

Our Cyber Essentials plans offer a flexible solution to achieving certification, regardless of where you are on your company’s journey towards cyber security maturity.

Our managed plans ensure compliance with industry standards and ease the burden of maintaining them. We understand that managing cybersecurity can be overwhelming, so we offer constructive feedback from our experienced cybersecurity consultants.

Rest easy knowing that your customer’s information is in good hands with our Cyber Essentials plans. Choose the right plan for your business and take a proactive approach to cyber security.

Cyber Essentials Plus Plans

Cyber Essentials Plus demonstrates to customers that you are proactive in protecting your data and business from common cyber threats.

Our Cyber Essentials Plus Plans include the same strategies covered within our standard Cyber Essentials plan but with a hands-on technical validation that verifies your protection against cybercrime.

Cyber Essentials Pricing Plans

Our managed solution lays the foundations for compliance frameworks such as IASME Cyber Assurance, ISO 9001, 27001, 22301, and GDPR.

The Cyber Essentials Plus Audit and Guided pricing is based on the average number of consulting hours required to assess all controls. Please use our rapid quoting tool to receive a bespoke price.

The Managed Cyber Essentials Plus package combines Cyber Essentials Self-Assessed, and Cyber Essentials Plus requirements.

Organisation Size
Micro 1-9
Small 10-49
Medium 50-249
Large 250+
Self Assessed
£300 Required Annually Rapid Assessment
Recommended for

Businesses with a strong understanding of information security or completing their annual renewal

  • Same Day Assessment
  • Constructive Approach
  • Cyber Insurance
  • Cyber Essentials Certificate
  • External Vulnerability Scan
  • Policy & Process Review
  • Gap Analysis
  • Quarterly Review Meeting
  • Management System & Training
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • Cyber Essentials Plus Ready
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Constructive Feedback
Self Assessed
£400 Required Annually Rapid Assessment
Recommended for

Businesses with a strong understanding of information security or completing their annual renewal

  • Same Day Assessment
  • Constructive Approach
  • Cyber Insurance
  • Cyber Essentials Certificate
  • External Vulnerability Scan
  • Policy & Process Review
  • Gap Analysis
  • Quarterly Review Meeting
  • Management System & Training
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • Cyber Essentials Plus Ready
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Constructive Feedback
Self Assessed
£450 Required Annually Rapid Assessment
Recommended for

Businesses with a strong understanding of information security or completing their annual renewal

  • Same Day Assessment
  • Constructive Approach
  • Cyber Insurance
  • Cyber Essentials Certificate
  • External Vulnerability Scan
  • Policy & Process Review
  • Gap Analysis
  • Quarterly Review Meeting
  • Management System & Training
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • Cyber Essentials Plus Ready
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Constructive Feedback
Self Assessed
£500 Required Annually Rapid Assessment
Recommended for

Businesses with a strong understanding of information security or completing their annual renewal

  • Same Day Assessment
  • Constructive Approach
  • Cyber Insurance
  • Cyber Essentials Certificate
  • External Vulnerability Scan
  • Policy & Process Review
  • Gap Analysis
  • Quarterly Review Meeting
  • Management System & Training
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • Cyber Essentials Plus Ready
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Constructive Feedback
Guided
£924 First Year A Tailored Approach
Recommended for

Businesses confident they are using the right technologies but don’t have an in-house team of security experts to validate the controls

  • Same Day Assessment
  • Constructive Approach
  • Cyber Insurance
  • Cyber Essentials Certificate
  • External Vulnerability Scan
  • Policy & Process Review
  • Gap Analysis
  • Quarterly Review Meeting
  • Management System & Training
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • Cyber Essentials Plus Ready
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Consultant Led
Guided
£1024 First Year A Tailored Approach
Recommended for

Businesses confident they are using the right technologies but don’t have an in-house team of security experts to validate the controls

  • Same Day Assessment
  • Constructive Approach
  • Cyber Insurance
  • Cyber Essentials Certificate
  • External Vulnerability Scan
  • Policy & Process Review
  • Gap Analysis
  • Quarterly Review Meeting
  • Management System & Training
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • Cyber Essentials Plus Ready
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Consultant Led
Guided
£1074 First Year A Tailored Approach
Recommended for

Businesses confident they are using the right technologies but don’t have an in-house team of security experts to validate the controls

  • Same Day Assessment
  • Constructive Approach
  • Cyber Insurance
  • Cyber Essentials Certificate
  • External Vulnerability Scan
  • Policy & Process Review
  • Gap Analysis
  • Quarterly Review Meeting
  • Management System & Training
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • Cyber Essentials Plus Ready
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Consultant Led
Guided
£1124 First Year A Tailored Approach
Recommended for

Businesses confident they are using the right technologies but don’t have an in-house team of security experts to validate the controls

  • Same Day Assessment
  • Constructive Approach
  • Cyber Insurance
  • Cyber Essentials Certificate
  • External Vulnerability Scan
  • Policy & Process Review
  • Gap Analysis
  • Monthly Review Meeting
  • Management System & Training
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • Cyber Essentials Plus Ready
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Consultant Led
Managed
£124 + £14 Endpoint / Month 12 month term
Recommended for

Businesses that want to obtain certification quickly and outsource management of the system to a team of cyber consultants

  • Same Day Assessment
  • Constructive Approach
  • Cyber Insurance
  • Cyber Essentials Certificate
  • External Vulnerability Scan
  • Policy & Process Review
  • Gap Analysis
  • Quarterly Review Meeting
  • Management System & Training
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • Cyber Essentials Plus Ready
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Managed by CSIQ
Managed
£164 + £14 Endpoint / Month 12 month term
Recommended for

Businesses that want to obtain certification quickly and outsource management of the system to a team of cyber consultants

  • Same Day Assessment
  • Constructive Approach
  • Cyber Insurance
  • Cyber Essentials Certificate
  • External Vulnerability Scan
  • Policy & Process Review
  • Gap Analysis
  • Quarterly Review Meeting
  • Management System & Training
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • Cyber Essentials Plus Ready
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Managed by CSIQ
Managed
£198 + £14 Endpoint / Month 12 month term
Recommended for

Businesses that want to obtain certification quickly and outsource management of the system to a team of cyber consultants

  • Same Day Assessment
  • Constructive Approach
  • Cyber Insurance
  • Cyber Essentials Certificate
  • External Vulnerability Scan
  • Policy & Process Review
  • Gap Analysis
  • Quarterly Review Meeting
  • Management System & Training
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • Cyber Essentials Plus Ready
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Managed by CSIQ
Managed
£220 + £14 Endpoint / Month 12 month term
Recommended for

Businesses that want to obtain certification quickly and outsource management of the system to a team of cyber consultants

  • Same Day Assessment
  • Constructive Approach
  • Cyber Insurance
  • Cyber Essentials Certificate
  • External Vulnerability Scan
  • Policy & Process Review
  • Gap Analysis
  • Monthly Review Meeting
  • Management System & Training
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • Cyber Essentials Plus Ready
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Managed by CSIQ
Organisation Size
Micro 1-9
Small 10-49
Medium 50-249
Large 250+
Audit
£680Estimated Price
Required Annually
Rapid Assessment
Recommended for

Businesses with a strong understanding of information security or completing their annual renewal

  • Constructive Approach
  • Assessment of all Controls
  • Cyber Essentials Plus Certificate
  • Vulnerability Scan
  • Pre Audit & Audit
  • Policy & Process Review
  • Gap Analysis
  • Management System & Training
  • Quarterly Review Meeting
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Constructive Feedback
Audit
£1280Estimated Price
Required Annually
Rapid Assessment
Recommended for

Businesses with a strong understanding of information security or completing their annual renewal

  • Constructive Approach
  • Assessment of all Controls
  • Cyber Essentials Plus Certificate
  • Vulnerability Scan
  • Pre Audit & Audit
  • Policy & Process Review
  • Gap Analysis
  • Management System & Training
  • Quarterly Review Meeting
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Constructive Feedback
Audit
£2180Estimated Price
Required Annually
Rapid Assessment
Recommended for

Businesses with a strong understanding of information security or completing their annual renewal

  • Constructive Approach
  • Assessment of all Controls
  • Cyber Essentials Plus Certificate
  • Vulnerability Scan
  • Pre Audit & Audit
  • Policy & Process Review
  • Gap Analysis
  • Management System & Training
  • Quarterly Review Meeting
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Constructive Feedback
Audit
£3200Estimated Price
Required Annually
Rapid Assessment
Recommended for

Businesses with a strong understanding of information security or completing their annual renewal

  • Constructive Approach
  • Assessment of all Controls
  • Cyber Essentials Plus Certificate
  • Vulnerability Scan
  • Pre Audit & Audit
  • Policy & Process Review
  • Gap Analysis
  • Management System & Training
  • Quarterly Review Meeting
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Constructive Feedback
Guided
£1180Estimated Price
First Year
A Tailored Approach
Recommended for

Companies that believe they are using the right technologies, but lack an in-house security team to validate the controls before certification

  • Constructive Approach
  • Assessment of all Controls
  • Cyber Essentials Plus Certificate
  • Vulnerability Scan
  • Pre Audit & Audit
  • Policy & Process Review
  • Gap Analysis
  • Management System & Training
  • Quarterly Review Meeting
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Consultant Led
Guided
£1780Estimated Price
First Year
A Tailored Approach
Recommended for

Companies that believe they are using the right technologies, but lack an in-house security team to validate the controls before certification

  • Constructive Approach
  • Assessment of all Controls
  • Cyber Essentials Plus Certificate
  • Vulnerability Scan
  • Pre Audit & Audit
  • Policy & Process Review
  • Gap Analysis
  • Management System & Training
  • Quarterly Review Meeting
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Consultant Led
Guided
£2680Estimated Price
First Year
A Tailored Approach
Recommended for

Companies that believe they are using the right technologies, but lack an in-house security team to validate the controls before certification

  • Constructive Approach
  • Assessment of all Controls
  • Cyber Essentials Plus Certificate
  • Vulnerability Scan
  • Pre Audit & Audit
  • Policy & Process Review
  • Gap Analysis
  • Management System & Training
  • Quarterly Review Meeting
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Consultant Led
Guided
£3800Estimated Price
First Year
A Tailored Approach
Recommended for

Companies that believe they are using the right technologies, but lack an in-house security team to validate the controls before certification

  • Constructive Approach
  • Assessment of all Controls
  • Cyber Essentials Plus Certificate
  • Vulnerability Scan
  • Pre Audit & Audit
  • Policy & Process Review
  • Gap Analysis
  • Management System & Training
  • Quarterly Review Meeting
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Consultant Led
Managed
£184 + £14 Device / Month
Audit Included
12 month term
Recommended for

Businesses that want to obtain certification quickly and outsource management of the system to a team of cyber consultants

  • Constructive Approach
  • Assessment of all Controls
  • Cyber Essentials Plus Certificate
  • Vulnerability Scan
  • Pre Audit & Audit
  • Policy & Process Review
  • Gap Analysis
  • Management System & Training
  • Quarterly Review Meeting
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Managed by CSIQ
Managed
£224 + £14 Device / Month
Audit Included
12 month term
Recommended for

Businesses that want to obtain certification quickly and outsource management of the system to a team of cyber consultants

  • Constructive Approach
  • Assessment of all Controls
  • Cyber Essentials Plus Certificate
  • Vulnerability Scan
  • Pre Audit & Audit
  • Policy & Process Review
  • Gap Analysis
  • Management System & Training
  • Quarterly Review Meeting
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Managed by CSIQ
Managed
£268 + £14 Device / Month
Audit Included
12 month term
Recommended for

Businesses that want to obtain certification quickly and outsource management of the system to a team of cyber consultants

  • Constructive Approach
  • Assessment of all Controls
  • Cyber Essentials Plus Certificate
  • Vulnerability Scan
  • Pre Audit & Audit
  • Policy & Process Review
  • Gap Analysis
  • Management System & Training
  • Quarterly Review Meeting
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Managed by CSIQ
Managed
£380 + £14 Device / Month
Audit Included
12 month term
Recommended for

Businesses that want to obtain certification quickly and outsource management of the system to a team of cyber consultants

  • Constructive Approach
  • Assessment of all Controls
  • Cyber Essentials Plus Certificate
  • Vulnerability Scan
  • Pre Audit & Audit
  • Policy & Process Review
  • Gap Analysis
  • Management System & Training
  • Quarterly Review Meeting
  • Remote Monitoring & Management
  • Endpoint Device Patching
  • Endpoint Detection & Response
  • Continuous Compliance Monitoring
  • All security vulnerabilities and issues can be found in our Risk Management Platform
  • Managed by CSIQ

The Cyber Threat in Numbers

The latest statistics from the U.K Governments Cyber Security Breaches Survey

83

of all breaches were the result of a phishing attack

27

of businesses fell victim to impersonation attacks

40

of all businesses reported a cyber breach or attack

Benefits of Cyber Essentials

It demonstrates a commitment to Cyber Security

Cyber Liability Insurance – Cover for up to £25,000 for applicable companies

Increase your chances of winning new business

By adopting the standards, you are protected from the majority of common cyber threats

It shows to customers and partners you’re committed to protecting their data

To bid on government contracts organisations must be certified against the Cyber Essentials standard

It helps avoid disruption to business and reputational damage

Vulnerability Scanning

Cyber Essentials Plus helps organisations meet the minimum standard for Cyber Security. Check out our Cyber Consultancy and Managed services if you need greater visibility and control over your cyber risks.

External Vulnerability Scan

Internet-facing, external vulnerability scans are conducted using multiple industry-leading vulnerability management solutions that are PCI compliant and approved for use by the Cyber Essentials scheme.

Outsource vulnerability management to a specialist cyber security team with one of our Managed Attack Surface packages.

Internal Vulnerability Scan

Internal network vulnerability scans are completed using a PCI-compliant industry-leading vulnerability management solution approved for use by the Cyber Essentials scheme.

Check out our advanced penetration testing services if you need proof your company is protected.

Website Vulnerability Scan

Your company website will only be in scope for Cyber Essentials if you manage the platform. A website vulnerability scan can find vulnerabilities that could lead to defacement and reputational damage.

Check out our Web Application Penetration services to feel confident your website is secure.

CSIQ Insight: Risk Management Portal

All consultancy and managed services include access to our Risk Management Portal.

A Single Pane of Glass

All risk types, including technical, human, residual and inherent, are allocated a score, allowing for a strategic approach to risk reduction.

Monthly Reports

Monthly reports from our managed services detailing individual risk scores, a summary of events, detailed vulnerabilities, and security recommendations are all available from the platform.

Visual Attack Path

Multiple vulnerabilities are typically exploited to reach a target. Our platform visualises the attack path taken by your consultant to achieve the objective.

Trend Analysis

Track your exposure over time to ensure that your IT teams are tackling the vulnerabilities identified.

If you have our pre-pay contract, simply send us a message through the platform to assist with the remediation.

CSIQ-Footer-Logo-4

Compliance & Governance

Services

To find out more about the other compliance and governance service that we offer, visit our IASME Cyber Assurance. 

Or get in touch to find out more about all our services.

Contact UsContact Us

Our Accreditations & Memberships

We are proud of our industry recognised certifications in Cyber Security and Service Delivery

CSIQ NCSC Assured Service Provider Cyber Advisor
Cyber Essentials Plus Certification Body
IASME Governance Certification Body
CSIQ IASME Cyber Baseline Certification Body
ISACA Professional Members
Ecologi - Climate Positive Workforce

FAQ

How much is Cyber Essentials?

See the pricing table or request a quote or give us a call to get a rapid price.

Is Cyber Essentials Mandatory?

Cyber Essentials is not a mandatory requirement for all businesses. However, it is commonly a supplier requirement, especially when tendering for government work or larger organisations.

How long does it take to get cyber essentials?

This depends on the size of your network and how many devices make up the sample set that the assessor will need to test.

Generally, we can complete all testing within one business day and will prepare a schedule with you in advance to minimise disruption.

A typical turnaround time for certification is two weeks from order.

Is Cyber Essentials the same as ISO 27001?

Cyber Essentials is not the same as ISO 27001, but it is a natural stepping stone if you are starting out on your compliance journey. The management system included in our managed Cyber Essential Managed packages makes the transition to ISO 27001 simpler and quicker.

Is Cyber Essentials a Legal Requirement?

Although Cyber Essentials certification is not a legal requirement, some of your customers and partners may require it as part of their supplier due diligence checks to reassure them that you take their security and privacy seriously.

Who has Cyber Essentials?

You can confirm who has a Cyber Essentials certificate by checking out the National Cyber Security Centres certificate search here.

Is a site visit required?

We are able to conduct the entire audit remotely without needing to visit the site.

Our vulnerability management software also does not require us to send a server to the site, reducing the administrative overhead and costs considerably.

What is involved with the Cyber Essentials Plus assessment?

Cyber Essentials Plus provides a more advanced level of assurance and includes a technical audit of the systems in scope for Cyber Essentials. Organisations applying for Cyber Essentials Plus must also pass an on-site/remote assessment and an internal/external vulnerability scan.

What happens if we fail the assessment?

Do not worry; it is not common for an organisation to pass Cyber Essentials Plus without any remediation.

If you fail the assessment, the assessor will prepare a report outlining the reasons and the remediation work required to achieve a pass. There is a 30-day retesting window where the organisation can carry out the remediation steps listed. CSIQ can then retest just those areas which failed within the 30-day window. If those vulnerabilities have been remediated, then CSIQ will be able to award a pass for Cyber Essentials Plus.

How can I remember to recertify on the anniversary of my accreditation?

We will email you a reminder in advance of your expiry date outlining the steps to work through your renewal.

Cyber Essentials Logo

The Cyber Essentials logo was updated in 2023. Once your company achieves certification, you will receive your blockmark certificate and logos for use on your website and marketing material.

Cyber Essentials Logo

Cyber Essentials Logo

Once you have been certified you will receive a blockmark digital certificate.

What is Cyber Essentials Self Assessment?

There are two types of Cyber Essentials certification, Self Assessed and Plus. The applicant organisation completes the self-assessment, which an approved Certification Body then marks.

What does Cyber Essentials cover?

The Cyber Essentials standard is based on the five controls

  • Firewalls
  • Secure Configuration
  • User Access Control
  • Malware Protection
  • Patch Management

Future editions will also emphasise multi-factor authentication and protecting cloud accounts.

How does Cyber Essentials work?

Cyber Essentials self-assessed requires the applicant company to complete a questionnaire on implementing the five controls within their organisation, which an assessor then marks. The company is awarded a Cyber Essentials certificate if the applicant demonstrates that they apply the five controls’ principles.

When was Cyber Essentials Launched?

The cyber essentials scheme was first launched on the 5th of June, 2014.

Is Cyber Essentials worth it?

We think so. While not all-encompassing, It is an excellent foundation to build your company’s security practices. In today’s connected world, internet access has become necessary for companies to function. Still, access to the internet puts your company at risk for misconfigurations, poor cyber hygiene, and malicious actors looking to profit from your company’s vulnerabilities.

Who needs Cyber Essentials?

You will only need Cyber Essentials if you are required to have a valid certificate to meet supplier requirements. We, of course, believe that every company should aim to achieve the Cyber Essentials standard as it represents a robust foundation to build cyber resilience.

What are the requirements for Cyber insurance?

The requirements to receive £250,000 of cyber liability insurance are as follows:

  • The company is UK-domiciled
  • The company has a turnover of less than £20 million
  • The self-assessment covers the whole organisation

What’s Covered?

  • Liability including claims made against you arising from media activities as well as privacy and security violations
  • The costs incurred due to a data breach, including the fees of notifying data subjects. Payment for legal, IT, forensic, and public relations experts.
  • Extortion demands, including ransoms and other forms of cyber extortion.
  • Legal fees and regulatory fines (where insurable by law).
  • Profit and/or operational expenses are lost due to a network compromise.
  • The costs of repairing damage to your data, as well as the costs of replacing, restoring, or updating your data.

What’s Excluded?

  • Money was stolen through electronic means or cyber fraud
  • The indemnity limit of £25,000 may be adequate for a minor breach or incident, but it is insufficient for a severe problem or multiple incidents. Higher indemnity limits are available.

Who will conduct the Cyber Essentials Plus assessment?

Only certification bodies trained and licensed by IASME can certify an organisation against the NCSC’s Cyber Essentials scheme. CSIQ assessors are IASME qualified, and CSIQ is authorised to deliver Cyber Essentials and Cyber Essentials Plus certifications.

Do we need Cyber Essentials in order to achieve Cyber Essentials Plus?

Cyber Essentials Plus is a verification assessment of the controls listed in the Cyber Essentials self-assessment questionnaire.

All organisations must achieve Cyber Essentials Self-Assessed; Companies then have a 3-month window to schedule their Cyber Essentials Plus assessment.

Cyber Essentials Plus Logo

The Cyber Essentials Plus logo was updated in 2023, once your organisation achieves certification, you will receive your blockmark certificate and logos for use on your website and marketing material.

Cyber Essentials Plus Logo

Cyber Essentials Plus Logo 

Have a question for us about our services?

Send us an enquiry to get a rapid response from a cybersecurity expert.

"*" indicates required fields

Name*
Hidden
Hidden
This field is for validation purposes and should be left unchanged.