This website uses cookies. View our cookie policy
Close
USA
Select regional store:

Essential cybersecurity - Cyber Essentials

What is the Cyber Essentials scheme?

Cyber Essentials is a cybersecurity certification scheme that sets out a good baseline of cybersecurity suitable for all organizations in all sectors. The scheme addresses five key controls that, when implemented correctly, can prevent around 80% of cyber attacks.

IT Governance is a CREST-accredited certification body for the Cyber Essentials scheme. Our fixed-price packages can help your organisation achieve certification quickly and easy, whatever your budget or level of technical expertise.


Want to know more about the Cyber Essentials Scheme?

For advice and guidance on the scheme or to find out more about adopting the five key security controls, get in touch with one our experts today.

Speak to an expert


What are the five key security controls?

Secure configuration

Confirm that computers and network devices are properly configured in order to reduce the level of inherent vulnerabilities.

Find out more about secure configuration >>


Secure your Internet connection

Confirm that only safe and essential network services can be accessed from the Internet.

Find out more about boundary firewalls and Internet gateways >>


Access control

Confirm that user accounts are assigned to authorized individuals only.

Find out more about access control >>


Patch management

Confirm that devices and software are not vulnerable to known security issues for which fixes are available.

Find out more about patch management >>


Malware protection

Restrict the execution of known malware and untrusted software.

Find out more about malware protection >>


Cyber Essentials Assurance Framework

It is worth noting that Cyber Essentials certification, is a UK government scheme, although implementing the above 5 security controls can still help organization across the world prevent cyber attacks. 

There are two levels of certification under the Assurance Framework: Cyber Essentials and Cyber Essentials Plus.


Why is Cyber Essentials so useful?

Since the GDPR (General Data Protection Regulation) and DPA (Data Protection Act) 2018 came into effect, all organizations that process personal data must implement appropriate technical and organizational measures to ensure its security or risk administrative fines of up to €20 million ($22 million) or 4% of annual global turnover – whichever is greater.

Implementing the Cyber Essentials controls is recognised as one of many ways of demonstrating that organizations are taking action to mitigate the risks they face, especially if those risks are of a low level.

Larger organizations, those with more complex environments or lower risk appetites or those that face a higher level of risks, including targeted attacks, would do well to adopt a more mature level of cybersecurity, such as an ISMS (information security management system) that complies with the international standard ISO 27001.

Read more about the benefits of Cyber Essentials >>


Speak to an expert

For more information oabout Cyber Essentials, speak to one of our experts today.