Whitgifts - Cyber Essentials
Contacts Header

Cyber Essentials Standard at a Glance

Cyber Essentials is the UK Government-backed and industry-supported scheme for a basic level of protection against cyber attack. The certification has two functions:

  1. providing a clear statement of the basic measures organisations should implement to mitigate the risk from common internet based threats
  2. provide certification to enable organisations to demonstrate to customers, investors, insurers and others that they have taken these essential precautions.

There are five security controls that all businesses should all be implementing

1 Boundary Firewalls and Internet Gateways

These are devices designed to prevent unauthorised access to or from private networks. Good setup of these devices is important for them to be fully effective.

2 Secure Configuration

Ensuring that systems are configured in the most secure way for the needs of the organisation.

3 Access Control

Ensuring only those who should have access to systems have access and at the appropriate level.

4 Malware Protection

Ensuring that virus and malware protection is installed and is up to date.

5 Patch Management

Ensuring that the latest supported version of applications is used and all the necessary patches supplied by the vendor have been applied


Levels of Certification


Cyber Essentials

The organisation answers questions about how security is managed within their organisation. To pass certification most questions need to be answered positively. A board member asserts that the questions have been answered honestly.

The questions are marked by an accredited assessor who is a security professional and has been through training and licensed with IASME.

See FAQ for common Questions about Self-Assessments.

Cyber Essentials Plus

Having passed the basic self-assessment, organisations can opt to upgrade their certifications to Cyber Essentials Plus.
Security measures are verified by an independent auditor, providing further proof you are following the requirements of your chosen standard.
Organisations are expected to complete audited certification with 3 months of having passed the self-assessment level.
See FAQ for common Questions about Cyber Essentials Plus


A copy of the questions

Cyber Essentials Workbook

A Step Up

A step up from Cyber Essentials is the IASME Governance Standard,
For more information click here
For a comparison of the Cyber Essentials is the IASME Governance Standard available


Implementing these measures can significantly reduce an organisation’s vulnerability. However, it does not offer a silver bullet to remove all cyber security risk.

For a full definition of the Cyber Essentials standard click here

Let Whitgift Security help you through the process – to see how we can help click here

Get in Touch

Let Whitgift Security help you secure your online business now
Contact us
Scroll Top