A UK Government-backed scheme, Cyber Essentials helps organisations to protect themselves against common cyber threats.
By achieving Cyber Essentials your company demonstrates that they have considered and committed to increasing their defences against common cyber threats and reduce their vulnerabilities to an accredited government standard.
For certain businesses, Cyber Essentials is a mandatory requirement to secure contracts, we consider the conditions under which certification is necessary.
Does my Business need Cyber Essentials Certification for Government contracts?
Cyber Essentials is mandatory for businesses looking for specific government contracts.
Without Cyber Essentials, you will not be able to bid for such contracts. Often these contracts will involve delivering certain IT products and services and the handling of personal information.
Government contracts where your business will be required to:
Deliver IT services or products that are designed to process, transfer or store data at an official level.
Handle the personal information of any UK citizens; i.e. home addresses or bank details.
Handling any government employee personal information, ministers, or advisors; i.e. expenses or payroll.
Cyber Essentials certification has been mandated for businesses entering into contracts, forcing you to show you demonstrate you have achieved the set standards and can demonstrate that you have met the technical requirements - defined by the scheme.
If you’re looking to bid for government contracts that involve one of the characteristics mentioned above, it makes sense to consider achieving Cyber Essentials certification first and not waiting until the final hour to make your application.
Does my Business need Cyber Essentials Certification for Ministry of Defence Contracts contracts?
Further emphasis is placed on businesses being Cyber Essentials certified by the UK Ministry of Defence (MOD), they require all suppliers to comply with the Cyber Essentials scheme.
The MOD has stated that this requirement must flow into your supply chain, which mandates that both organisations directly conducting business with the MOD, and organisations delivering to the MOD supply chain must be Cyber Essentials certified. Otherwise, they cannot win MOD contracts for businesses going forward.
Why should you get Cyber Essentials?
There are 6 reasons to gain Cyber Essentials certification:
Helps to prevent up to 80% of cyber attacks.
Reassure your customers that you are working to secure your systems against cyber attack.
Attract new business with the promise you have cybersecurity measures in place.
You have a clear picture of your organisation's cybersecurity level.
(As above) Various government contracts require the Cyber Essentials certification.
Cyber Essentials certification includes automatic cyber liability insurance for any UK organisation that certifies their whole organisation and have less than £20m annual turnover.
How can I become Cyber Essentials certified?
Does Cyber Essentials certification have an expiry date?
All new certificates issued by our Trusted Partners will have a 12-month expiry date.
How much does the Cyber Essentials certification cost?
The cost of Cyber Essentials (verified self-assessment) is £300 + VAT. The cost of a Cyber Essentials Plus assessment will depend on the size and complexity of your network. Please contact our Trusted Partners with any questions, they will provide advice and guidance.
Do I need to have Cyber Essentials before getting Cyber Essentials Plus?
No, you can go for Cyber Essentials Plus without obtaining the first level of Cyber Essentials. Your Certification Body will work with you to complete the Cyber Essentials questionnaire and verify compliance as part of the process of achieving Cyber Essentials Plus.