Embedded Files
What is Cyber Essentials?
What is Cyber Essentials?
Cyber Essentials is a UK government–backed cybersecurity certification scheme that helps organizations protect themselves from common online threats.
It provides a simple, effective framework for improving your company’s cybersecurity posture and demonstrating your commitment to data protection.
Purpose
Purpose
Cyber Essentials helps your organization:
Defend against the most common types of cyberattacks.
Demonstrate trust and compliance to customers and partners.
Meet requirements for certain UK government and public-sector contracts.
Build a strong foundation for more advanced cybersecurity frameworks (like ISO 27001).
The Five Technical Controls
The Five Technical Controls
Cyber Essentials focuses on five key areas of security:
1 - Firewalls & Internet Gateways
1 - Firewalls & Internet Gateways
Protect your network by controlling incoming and outgoing traffic.
Requirements:
Change default passwords on routers and firewalls.
Only allow essential services, ports, and protocols.
Use Network Address Translation (NAT) or similar protections.
Keep firewall logs and review them regularly.
3 - User Access Control
3 - User Access Control
Limit access to only what’s necessary for each user.
Requirements:
Provide each user with a unique login.
Restrict admin privileges to essential staff only.
Use separate accounts for admin and everyday use.
Remove or disable accounts when staff leave or change roles.
Enforce strong, complex passwords or passphrases.
5 - Patch Management
5 - Patch Management
Keep your systems and software updated and secure.
Requirements:
Ensure all software and operating systems are supported.
Turn on automatic updates where possible.
Apply critical security patches within 14 days of release.
Regularly check for missing updates.
Remove unsupported or end-of-life systems.
2 - Secure Configuration
2 - Secure Configuration
Ensure systems are set up securely, reducing vulnerabilities.
Requirements:
Remove or disable default accounts and unused services.
Enforce strong password policies.
Enable automatic screen locks on devices.
Keep systems configured with minimal, secure settings.
4 - Malware Protection
4 - Malware Protection
Protect systems against viruses, ransomware, and other malicious software.
Requirements:
Install and update anti-malware software on all devices.
Enable real-time protection and regular scans.
Scan all downloads and external media automatically.
Use trusted app stores or verified software sources only.
Provide basic cybersecurity awareness training to employees.
Additional Preparation Steps
Additional Preparation Steps
Before submitting your certification:
Assign a cybersecurity lead or team.
Create an asset register listing all devices and software.
Document your password, update, and incident response policies.
Conduct a self-audit using the checklist above.
For Cyber Essentials Plus, prepare for an external audit and vulnerability scan.
Certification Timeline
Certification Timeline
Certification Level Description Typical Duration
Cyber Essentials Self-assessment questionnaire 1–2 weeks
Cyber Essentials Plus Independent audit and scan 2–4 weeks
Why It Matters
Why It Matters
Required for many UK government contracts.
Builds trust and reputation with customers.
Helps protect against 80% of common cyberattacks.
Strengthens your cybersecurity culture and awareness.
Next Steps
Next Steps
Review your internal systems using the checklist above.
Fix any gaps or weaknesses.
Choose a Cyber Essentials Certification Body (accredited by IASME).
Complete the self-assessment or arrange an audit for Cyber Essentials Plus.
Cyber Essentials Certification
Delivered by Cyber Padlocking in partnership with Bulletproof
Protect your business, build trust, and stay compliant with Cyber Essentials the UK government-backed certification scheme. In partnership with Bulletproof, Cyber Padlocking offers expert-led, fully supported certification packages tailored to your business size and needs.
Why Get Cyber Essentials?
Win government & public sector contracts
Build customer trust by showing security compliance
Defend against 80% of common cyber threats
Stay aligned with data protection regulations
Why Choose Cyber Padlocking?
Your trusted cybersecurity partner
Powered by Bulletproof’s CREST-accredited services
End-to-end expert support
Fast, professional certification process
Cyber Essentials Packages & Pricing
Cyber Essentials (Basic)
A self-assessment certification with full guidance and expert support.
Staff Size Price (excl. VAT)
Up to 50 £575.00
Up to 100 £875.00
Up to 250 £1,175.00
Up to 500 £1,475.00
Cyber Essentials + Cyber Essentials Plus
Includes Basic certification plus a technical audit by Bulletproof’s experts.
Staff Size Price (excl. VAT)
Up to 50 £1,750.00
Up to 100 £2,050.00
Up to 250 £2,350.00
Up to 500 £2,650.00
🔍 What's the Difference?
Feature Cyber Essentials Cyber Essentials Plus
Self-assessment ✅ ✅
Expert guidance ✅ ✅
Vulnerability scan ❌ ✅
Technical audit ❌ ✅
Get Certified with Cyber Padlocking
We're ready to help you secure your business and achieve Cyber Essentials fast with support from Bulletproof’s security experts.
Get your Cyber Essentials quote
Cyber Essentials made simple powered by Bulletproof, delivered by Cyber Padlocking.
Page updated
Report abuse