Cyber Essentials services designed to meet your certification needs
If you need support preparing your business for Cyber Essentials or if you are ready to be independently assessed, we can help. Complete our contact form and we’ll be in touch directly.
Perspective Risk is an accredited certifying body for the Cyber Essentials scheme.
Does Cyber Essentials apply to you?
Cyber Essentials (CE) applies to every business in the UK regardless of size. If you have Internet facing IT systems (user devices and/or servers), then this scheme will benefit you.
For businesses supplying to government, or intending to supply to government, Cyber Essentials certification became mandatory back in October 2014.
If you want to protect your reputation, avoid becoming the next statistic, and demonstrate that you take data security seriously, the Cyber Essentials scheme is for you.
What does Cyber Essentials cost?
At its most basic level, Cyber Essentials is free. You can self-assess without having to apply for certification. We’ve shared links to helpful resources – including the self-assessment questionnaire, at the foot of this page.
If you are considering certification but are restricted by budget, get in touch as we have a solution for you.
What Cyber Essentials options are available?
Beyond the basic level above (with no certification), there are two options:
- Cyber Essentials Certificate. A low cost approach to cyber security. Costs vary depending on your level of connectivity and the number of systems you have in scope.
- Cyber Essentials PLUS Badge. This level of certification is mandatory for many contracts, particularly government and NHS tenders. Requires greater effort and the independent assessment of your technical controls is more thorough.
What can you gain from Perspective Risk’s Cyber Essentials Consultancy and Assessment services?
- Confidence that you have the appropriate controls in place for your company to defend itself against common cyber attacks.
- Verification of the scope and guidance when completing the self-assessment questionnaire.
- Preparation for the external technical assessments.
- As a certifying body, we can conduct the technical assessments for your certification to the Cyber Essentials scheme.
What does certification against the Cyber Essentials Scheme involve?
Compliance with the scheme involves a self-assessment process followed by an independent technical assessment. The scheme has two levels of certification:
- Cyber Essentials – includes the self assessment questionnaire, an independent review of the questionnaire and a perimeter vulnerability scan by a certifying body. Created to be low cost.
- Cyber Essentials PLUS – includes the above plus a robust independent assessment of systems by a certifying body. Designed to be a deeper assessment.
The UK Government’s research of historical cyber attacks identified five security controls. If implemented, they will protect your organisation from common security threats. The five areas of focus covered in the self-assessment and the independent assessment are:
1. Boundary firewalls and Internet gateways
2. Secure configuration
3. Access control
4. Malware protection
5. Patch management
These controls must apply to all IT kit in scope, namely your company’s touch-points to the Internet. Typically, this includes things like desktops, laptops, mobile devices (including BYOD) and systems such as web servers, email servers or other Internet facing application servers.
By complying with the CE scheme, you will protect your business from key threats including:
- Phishing: malware infection through users clicking on malicious e-mail attachments or website links.
- Hacking: exploitation of known vulnerabilities in Internet connected servers and devices, using widely available tools and techniques.
Why choose Perspective Risk to help you with the Cyber Essentials scheme?
- We are an accredited certifying body for the Cyber Essentials scheme.
- Many years of experience in the standards the Cyber Essentials scheme is based on.
- You receive a tailored assessment that applies to your business and which is relevant to the threats you face, not a generic assessment.
- We provide comprehensive remedial advice for every issue or gap in your security regime we identify.
For more information you are welcome to ring us on 020 0200 8142, email firstname.lastname@example.org or complete our contact form.
Links to further information on Cyber Essentials
The Cyber Essentials Self-Assessment Questionnaire
The link to the HM Government website below includes the CE self-assessment Questionnaire.
- HM Government Cyber Essentials