Cyber Essentials Certification

What is Cyber Essentials?

Cyber Essentials is a government-backed, industry supported cyber security certification scheme that sets out a good baseline of cyber security for any organisation regardless of type or sector. The scheme addresses five key areas that, when implemented correctly, can intercept and prevent a vast number of cyber-attacks.

It not only provides peace of mind to you knowing that your IT assets are reasonably secure, but also demonstrates that you have actively taken steps to mitigate a real and present threat to your business.

How can it be achieved?

TekOne Technologies Ltd has a thorough and tested method of preparing an organisation / business for certification. This involves a comprehensive audit of five areas of business IT systems:

  • Workstation Security
  • Internet gateways and boundary security
  • Securing access control
  • Patch management
  • Malicious software protection

Once all the elements are in place, TekOne will request a third-party certification authority to independently certify our work, which then results in your organisation declared as compliant.

It is a complete turn key solution offered by TekOne Technologies with minimum or no disruption caused to your business / organisation.

Frequently Asked Questions

Where can I find the full Requirements for the Cyber Essentials Scheme?

You can download the requirements from the UK Government website here

What is Cyber Essentials PLUS?

Cyber Essentials PLUS involves a technical audit of the systems (by external assessor) that are in-scope for Cyber Essentials. This includes a representative set of user devices, all internet gateways and all servers with services accessible to unauthenticated internet users. The assessor will test a suitable random sample of these systems (typically around 10 per cent) and then make a decision whether further testing is required.

How my business can benefit by Cyber Essentials schemes?

Cyber Essentials schemes can help prevent attacks on your IT systems from outside or inside your company and could give your stakeholders peace of mind. 45% of small businesses and 66% of medium/large businesses reported a cyber breach or attack in the past 12 months. Overall, nearly half of all businesses (46%) experienced a cyber-attack or breach in the past year, causing thousands of pounds worth of costs and disruption to everyday operations.

What does Cyber Essentials require?

TekOne Technologies will carryout an assessment of  business's IT systems in accordance with government guidelines. Any gaps are reported and patched. When fully ready, an independent assessor is invited to verify compliance. A vulnerability scan will be performed in order to perform security checks. All works and systems are then certified.

Will Cyber Essentials protect us against all cyber threats?

Cyber Essentials will protect you against the most common online threats. The scheme offers a basic level of protection and is a good place to start in protecting your company against cyber threats. If you require additional protection, we are more than happy to discuss additional options suitable to your business setup.

Is Cyber Essentials a mandatory requirement for working with the UK Government?

Crucially on 1 October 2014 Cyber Essentials was made mandatory for organisations looking to secure government contracts which concern handling personal information and delivering certain ICT products and services. It is now mandated that suppliers must be able to demonstrate and prove that they meet the technical requirements defined in Cyber Essentials when bidding for contracts featuring the characteristics highlighted in the Government’s procurement policy.

How long does it take?

This depends on the size of your business, the complexity of your IT system and the extent to which you already have the technical controls in place. It might take anywhere from a few days for a small business, to several weeks for a larger organisation.

Are there any automatic fail questions?

Any company using unsupported or out-of-date or retired software within the scope of assessment, such as Microsoft Windows XP, will probably fail to achieve Cyber Essentials certification.

Is there any feedback as part of Cyber Essentials?

Yes. On successful completion of systems audit, a detailed report and relevant feedback from us is provided. Similarly, on completion of the process a final report is presented to the business for its own records.