About the Cyber Essentials Scheme

The scheme was specially developed by the UK Government and National Cyber Security Centre (NCSC) to make the UK a safer place to live and do business online. The certification process has been designed to support any business, from large established corporate organisations to new start-up SMEs, with a manageable approach to cyber security.

As an information security standard, the Cyber Essentials scheme offers an affordable and effective level of assurance for businesses of all sizes and comes in two levels: Cyber Essentials and Cyber Essentials PLUS. The programme sets out 5 key technical controls to help businesses with cyber protection which, when implemented, will protect you against the most common cyber threats. In fact, the cyber security certification aims to reduce an organisations’ risk of attack from internet-borne threats by around 80%.

Widely recognised as a benchmark of good cyber hygiene, certified companies demonstrate that they have taken the necessary steps to safeguard sensitive data and maximise cyber protection. Furthermore, a valid Cyber Essentials certificate is increasingly required within supply chains and is compulsory for any business bidding on Government and UK defence contracts.

What are the 5 key Cyber Essentials controls?

access control

1. Access control

firewalls

2. Firewalls

malware

3. Malware protection

secure config

4. Secure configuration and network management

updating software

5. Updating software / patching

How we help

As an IASME Governance and Cyber Essentials Certification Body, we offer full support and certification services for both Cyber Essentials and Cyber Essentials PLUS.

cyber essentials

Following an initial scoping exercise, the Air Sec team will perform a preliminary cyber audit, covering the 5 key Cyber Essentials controls outlined in the programme. We will then follow up with a bespoke report, identifying any cyber vulnerabilities and improvements required in your IT infrastructure, including any recommendations and optional remediation plans.

Once satisfied, one of our fully qualified assessors will complete the necessary assessment and issue your Cyber Essentials certification.

Cyber Essentials

  • Questionnaire-based assessment
  • External vulnerability scan

Our Cyber Essentials assessment consists of a questionnaire and external vulnerability scan to ensure you’re meeting best practice standards of cyber protection.

Although it’s not a specific requirement of Cyber Essentials, we perform a thorough scan of your internet-facing infrastructure and devices to ensure they’re vulnerability-free as an additional measure. Working closely with your business, we’ll then complete the necessary documentation and issue your certification.

Speak to a specialist

Cyber Essentials PLUS

  • Onsite assessment
  • Internal & external vulnerability scans

Cyber Essentials PLUS* is based on the same criteria as the initial certificate, but the assessment is carried out on site and involves further vulnerability scans.

During the audit, we’ll conduct a range of internal and external vulnerability scans and test a sample of end-user and network devices to check that they’re well secure against cyber attacks. Once satisfied, we’ll complete and sign off your certification.

*Cyber Essentials PLUS must be completed at the same time or within 3 months of the initial Cyber Essentials certification.

Speak to a specialist

Annual renewal

Once achieved, we recommend renewing your certification annually. This will enable you to maintain certified status and ensure the continual review and development of your cyber security controls.

Is this certification right for you?

We strongly recommend your business considers acquiring a Cyber Essentials Certificate if:

  • Your business runs and operates an IT infrastructure
  • Your business collects, stores and uses customer or employee information on an online or computerised system
  • You generally want to step up the security protection of your business to avoid the impacts of serious cyber attacks

Why choose us?

IASME Accredited Certification Body

As an accredited Certification Body, we’re fully trained and licensed to deliver against the UK government’s Cyber Essentials scheme and the IASME Governance standard.

Best-of-breed security systems & tools icon

IT & cyber security experts

All of our assessors are fully qualified and have deep expertise across IT and information security, so you can be sure we’ve got all your needs covered.

Fast Response Times

Quick & efficient certification

We’ve developed a unique, 5-step process to ensure your certification goes as smoothly as possible right from the word ‘go’.

Nothing but the best - Air IT support

100% success rate

Whether you choose Cyber Essentials or Cyber Essentials PLUS, we’ll work with you throughout to ensure your certification is a resounding success.

Ready to get started?

Speak to a specialist

What our clients say

Anderson Green

“We have found everyone at Air Sec to be extremely professional and would have no problem recommending their services. We felt very well supported throughout the certification process and are confident that the security measures we have implemented are applicable to our business requirements.”

David Brittan, ICT Manager

Anderson Green

Our memberships and accreditations

As well as being a Cyber Essentials Certification Body, we’ve met the highest standards required for ISO 27001 ISMS, IASME Gold and Cyber Essentials Plus accreditations. We’re a core member of the UK Cyber Security Forum and Cyber-security Information Sharing Partnership (CiSP) too.

Don’t be the next victim of a cyber attack

Make sure you’re fully protected. Take advantage of our FREE, no-obligation, cyber security risk assessment and find out if your defences are up to scratch.

Get FREE security risk assessment

Get a free consultation