Cyber Essentials is the UK government's cyber security certification scheme. Cyber Assure guides you through all five technical controls with expert-written, plain-English guidance - so you know exactly what to do and why.
Cyber Essentials is a UK government-backed certification scheme that defines five basic technical controls every organisation should have in place. It was developed by the NCSC (National Cyber Security Centre) and is widely recognised as the minimum standard for cyber security in the UK.
It is already required for organisations bidding for certain government contracts, and is increasingly expected by insurers, funders, and large clients as a condition of doing business.
Boundary firewalls and internet gateways that protect your network from unauthorised access from the internet.
Computers and network devices configured to reduce vulnerabilities and provide only the services and software you actually need.
User accounts with appropriate privileges, strong passwords, and multi-factor authentication on internet-facing services.
Protection against malicious software through anti-malware tools, application controls, or sandboxing.
Software and devices kept up to date with the latest security patches - within 14 days of a patch becoming available.
Most organisations find Cyber Essentials confusing. The technical language can be impenetrable, and it's not always clear what "meeting" a control actually means in practice for your specific setup.
Each of the five controls is broken down into individual requirements with clear, plain-English explanations of what needs to be in place and why it matters - written by cyber security experts, not committees.
See at a glance which controls you've met, which are partially complete, and which still need attention. No spreadsheets, no manual tracking.
Each control includes tailored wording you can send directly to your IT team or provider to request the information or evidence needed. No technical knowledge required on your side.
Document your controls and keep a clear record of what's in place. When it's time for formal certification, you have everything organised and ready.
Cyber Essentials is a self-assessment - you answer questions about your controls and a certifying body reviews your responses.
Cyber Essentials Plus goes further with an independent technical verification of your controls by an assessor. Cyber Assure's tracking helps you prepare for both.
While technically voluntary for most organisations, the practical and reputational benefits mean it is becoming a baseline expectation across all sectors.
Many grant funders now ask about cyber security as part of due diligence. Cyber Essentials gives you a recognised, credible answer.
The Department for Education's cyber security standards for schools align closely with Cyber Essentials. Many academy trusts require certification across the trust.
If you supply to the public sector, work with larger organisations, or hold personal data, Cyber Essentials is increasingly a baseline requirement.
Cyber Essentials tracking is included in all Cyber Assure plans. Get in touch to see how it works for your organisation.