Cyber Essentials

Take your cyber security commitment to the next level with Cyber Essentials Plus certification.

This advanced government-backed program is designed for businesses aiming to bolster their defences against prevalent cyber threats.

Approximately one-quarter of businesses initially certified with Cyber Essentials proceed to attain Cyber Essentials Plus, demonstrating their ongoing dedication to cyber security.

IT Services
Phone Services
Contact Us
Cyber Essentials - Header Logo

Cybersecurity Standards

Cyber Essentials is a scheme designed to help protect the UK from cyber threats, which are becoming a significant risk to UK businesses. To counter this threat, the Government introduced the Cyber Essentials Scheme, which encourages organisations to review and improve their basic cyber security measures and demonstrate that they meet or exceed a recognised baseline of cyber security practice.

The Cyber Essentials Standards provide a cost-effective route to cyber security for small and medium-sized enterprises that need help implementing complex security measures. It will help protect your business and your customers’ data against threats like malware, hacking, and the loss or theft of equipment and help prevent damage to your brand and reputation if a data breach occurs.




The five critical technical controls make up the Cyber Essentials standard. Organisations must demonstrate that they are aligned with these controls to achieve certification.

Strong user authentication and access control measures ensure that only authorised individuals can access sensitive information and perform specific actions. This control helps prevent unauthorised access and restricts privileges based on job roles.

Implementing firewalls and secure gateways at network boundaries to monitor and control incoming and outgoing network traffic, providing a first line of defence against unauthorised access.

Ensuring that devices and software are configured securely, following industry best practices and guidelines. This involves removing or turning off unnecessary features, changing default passwords, and applying appropriate security patches and updates.

Maintaining an up-to-date inventory of software and applying security patches promptly. Regularly updating software protects against known vulnerabilities and helps prevent exploitation by attackers.

Deploying effective anti-malware solutions (e.g., antivirus software) to detect and prevent the execution of malicious software. Regular updates and scans help identify and remove malware, reducing the risk of infection and data compromise.

By implementing these five controls, organizations can significantly improve their cybersecurity defences, mitigate common cyber risks, and enhance their overall resilience against cyber threats.



Elevate Your Security Standards

Our structured process provides you and your team with a comprehensive overview of your existing cyber security posture. It ensures that crucial protocols and policies are formally documented, offering vital preparation in the event of security breaches.

Enhance Business Opportunities

Since 2014, public contracts involving sensitive data have necessitated Cyber Essentials certification. The Ministry of Defence (MOD) adopted this requirement in 2016, with numerous enterprises following suit. Certification can be the deciding factor in securing lucrative contracts.

Empower Your Workforce

The certification process fosters cyber security awareness throughout your organisation. It educates employees on fundamental security practices, empowering them to recognise and mitigate potential threats effectively.

Cyber Liability Insurance

UK organisations with turnovers under £20m automatically qualify for AXA Cyber Liability Insurance upon certification. This coverage includes a 24/7 helpline, crisis assistance, and incident response services up to £25,000.

Distinguish Your Business

A Cyber Essentials Plus accreditation is a significant differentiator for your enterprise. Whether you cater to small or large corporations, your clients need assurance that you prioritize their data security.

Peace of Mind

Rest assured knowing that your systems and applications are fortified against 80% of cyber attacks. This allows you to concentrate on your core business objectives, free from security concerns.




Organisations can gain two levels of Cyber Essentials accreditation, Cyber Essentials Basic and Cyber Essentials Plus, however the Plus standard holds greater credibility as it involves an external audit carried out by an official Certification Body to ensure that organisation meets the standard.


Cyber Essentials Plus

Certification Process

The Cyber Essentials Plus certification is assessed using the same five controls as the Cyber Essentials.

However, where Cyber Essentials can be self-assessed and independently verified, the Cyber Essentials Plus certification includes a Vulnerability Assessment and a Remote Technical Audit of your systems.

We will conduct a remote audit on a selection of devices from across your organization to verify that their configurations align with the required standards.

Our team will conduct a comprehensive Vulnerability Assessment on these devices to validate that patching and configurations meet acceptable criteria.

We will perform an external port scan on your internet-facing IP addresses to identify and rectify any evident vulnerabilities and misconfigurations.

Thorough testing will be conducted on the configuration of your default email and internet browsers to evaluate their effectiveness in preventing the execution of potentially harmful files.

Throughout the process, screenshots will be taken to meticulously document your compliance with the Cyber Essentials Plus standard.

Upon achieving accreditation, we will annually review and resubmit your certification to ensure continual compliance.

We believe that nobody should mark their own homework which is why we arrange for an external auditor to assess our work and sign off on your Cyber Essentials Plus certification.

Prices staring from only £1400

Speak to a Cyber Essentials expert today

Are you ready to start your Cyber Essentials journey, or would you like to learn more about the certification process?

Enter your details and one of our Cyber Essentials specialists will be in touch.

Frequently Asked Questions

  • Shields your organization from approximately 80% of cyber-attacks, as stated by the UK government.
  • Displays your dedication to security and data protection to clients and stakeholders.
  • Enhances your reputation and enhances your chances of securing new business by showcasing your cyber-security measures.
  • Cyber Essentials allows you to collaborate with the UK government, while Cyber Essentials Plus qualifies you to work with the MoD.
  • Enables you to concentrate on your business objectives with peace of mind, knowing your security is ensured.

Details of insurance terms and conditions can be found here.

The Cabinet Office’s guidance to Procurement Officers can be accessed here, specifying situations where Cyber Essentials certification is required.

It is noteworthy that an increasing number of government and commercial entities are mandating this certification for their suppliers, despite not being required to do so by the Procurement Policy Notice. In a speech on June 23rd, 2015, Ed Vaizey from the Department of Culture, Media & Sport encouraged all organizations to “adopt Cyber Essentials to protect and promote themselves online to all stakeholders.”

Any company employing unsupported or outdated software within the assessment scope, such as Microsoft 7, is likely to fail to attain Cyber Essentials certification.

The questionnaire necessitates responses to all inquiries. Most questions will require concise explanations to help us grasp your company and its information security controls. Providing comprehensive details upfront reduces certification time, as we have all necessary information from the start.

For Cyber Essentials, once you’ve completed the self-assessment questions on the online portal, we aim to provide assessment results within 24 hours. For Cyber Essentials Plus, this must be conducted within three months of Cyber Essentials accreditation. Cyber Essentials Plus requires an on-site audit, which can be scheduled upon request after a signed order and Cyber Essentials pass are in place.

We will contact you before your expiry date, outlining the renewal process steps.

To pass the Cyber Essentials assessment, you must answer nearly all questions correctly (compliant). You must have control over all these aspects of your system to be certified. The UK Government establishes this stringent pass criteria.

If you’re non-compliant with some questions, we recommend adjusting your processes to meet the requirement and providing notes explaining why you’re not compliant in that aspect and how you manage that risk.

You can download the Cyber Essentials question set here.

What Customers Think of Confidence IT

antony myers
antony myers
Confidence IT are fast, friendly and competent - highly recommended!
Frank Olisadun
Frank Olisadun
Very good
Ellie Litvinenko
Ellie Litvinenko
Sammy not only resolved my issue but while doing so, he managed to assist me in resolving a separate one I'd never opened a ticket for. I am happy to say that he not only met but exceeded my expectations massively. I am very grateful for his help and assistance.
Samantha Secker
Samantha Secker
have worked with Confidence It for over 10 years, they have been amazing. The lads and Jo are all super friendly and very knowledgeable.
Janice Rentell
Janice Rentell
"We have been using Confidence IT for a few years now and they are always quick to respond to any issues we have and their technicians are always polite. Would highly recommend."
peter holmes
peter holmes
confidence IT have looked after us for almost four year and there service is excellent - they pick up any queries or problems which may arise straight away and look to sort asap. Customer support is 5 star ... dermaspa
Lee Hancox
Lee Hancox
We have worked with C-IT as a support provider for several years now and the support has always been professional and to the highest standard.
Tom Patrickson
Tom Patrickson
Provided significant assistance with numerous projects, including the implementation of a VOIP phone system across various sites. Demonstrated excellent responsiveness to all inquiries and resolved issues swiftly and efficiently. Highly Recommend.
Alex Lapushner
Alex Lapushner
Supportive, reliable, responsive and innovative business. Good to have partnered with Confidence IT Ltd. Highly recommended.
Diane Butterworth
Diane Butterworth
Friendly, fast and reliable service.