0800 7 999 510 admin@10steps.org.uk

Protecting against cyber attacks

Cyber Essentials

 

Cyber Essentials is a simple but effective government-backed certification scheme, managed by the National Cyber Security Centre (NSCS), designed to help businesses of all sizes protect themselves from the most common cyber threats.

Micro

£300/+vat
  • For Micro organisations – 0-9 Employees
Get Started

Small

£400/+vat
  • For Small organisations – 10-49 Employees
Get Started

Medium

£450/+vat
  • For Medium sized organisations – 50- 249 Employees
Get Started

Large

£500/+vat
  • For Large organisations – over 250 Employees
Get Started

FOCUS ON THE MOST COMMON CYBER THREATS

The Cyber Essentials scheme concentrates on FIVE key areas of cyber security, which when correctly deployed, will protect your organisation from the most common cyber security threats:

Firewalls – ensuring that your firewalls, both boundary and local, are configured to allow only authorised inbound and outbound traffic.

Secure configuration – ensuring that security controls have been implemented appropriately, securely, and approved by the business.

User access controls – making sure that user accounts are configured with only the level of access they need to do their role.

Patch Management – ensuring that all software is kept up to date with the latest security updates in a timely manner.

Malware management – Making sure you have proper malware protection in place on all devices, and they are operating to give maximum protection. 

Levels of Assessment

The Cyber Essentials scheme is available in two levels

Cyber Essentials – BASIC Cyber Essentials certification is undertaken through self assessment via an on-line portal. Organisations assess themselves against the five basic security controls and then Infosec Partners, as a qualified assessor, verifies the information you have provided and if you are successful you will be awarded a certification. The self assessment questions are available to view here . Please note these questions are for information only. If you want to be assessed you cannot simply submit these question sets to us. You must apply online for an assessment and submit your answers through the portal.

IASME is the NCSC’s Cyber Essentials Partner, responsible for the delivery of the scheme. 10Steps Ltd are trained and licensed by IASME to certify against the Government’s Cyber Essentials Scheme. We are also available to offer consulting and support services to help you achieve Cyber Essentials Certification.

Cyber Essentials PLUS – ensuring that security controls have been implemented appropriately, securely, and approved by the business.

 

FAQ

Frequently Asked Questions

How long does it take to get the Cyber Essentials Certification?

The Certification process depends on:

How well you know your systems and processes

The level of effort and resource you can apply to preparing and submitting the assessment.

In essence, how quickly you can demonstrate that you can meet the requirements.

If your self assessment passes then you will receive certification within 24 hours, if further work is required then certification will take longer.

If we fail, can we try again and how much does it cost?

If you fail the Cyber Essentials certification you will have 3 days to fix the issues and re-submit the application.

For Cyber Essentials Plus certification, you will have 15 days to rectify the issues and re-submit.

However, we recommend you work with a us prior to your final submission to makes sure you have the required controls in place and hence you will achieve the certification without anyissues.

10Steps Ltd is an Approved Cyber Essentials Certification Body, and we can help you along the journey.  

Do I need to buy extra software to go through Cyber Essentials?

No, the assessment is based on proven security controls, most you already have, however how they are implemented may need to aligned.

How long is the Certification valid for?

Certification is valid for one year and the organisation needs to be re-certified every year to keep the status. 

What is the benefit of having Cyber Essentials?

Cyber Essentials shows that you have proven technical security controls in place.

It gives your customers assurance that their information shared with secured business.

Meets supplier requirements for Government, MoD, NHS, etc. 

What's the difference between Cyber Essentials and Cyber Essentials PLUS.?

Cyber Essentials is a straightforward exercise where you answer the self-assessment questionnaire which is then evaluated by a certification body.

Cyber Essentials Plus certification involves an onsite audit and testing of the technical security controls of Cyber Essentials, by a qualified Certification body.

What controls are being tested?

Cyber Essentials certification process involves testing the following 5 technical controls of your IT infrastructure.

 

  • Firewalls
  • Secure Configuration
  • User Access Control
  • Malware Protection
  • Patch Management

GET IN TOUCH

3 + 13 =

 Contact US

0800 7 999 510

admin@10steps.org.uk