Cyber Essentials

Why do you need Cyber Essentials?

Cyber Essentials is a scheme which has the backing of the UK government, aiming to help small to medium enterprises (SMEs) protect themselves against the most common threats against them from adversaries. There are two parts to the scheme, part one is Cyber Essentials and part two is Cyber Essentials Plus.

We place an expectation on our own suppliers that they recognise and address the importance of cyber security and assure us that they have appropriate controls in place to protect not only themselves but the information they hold and generate for us and our customers.

Cyber Essentials outlines five main controls to help an enterprise protect themselves against the most common threats:

  • Securing the internet connections.
  • Securing all devices and software.
  • Controlling access to the services and data.
  • Protect against malware.
  • Patch management and update control.

Having the Cyber Essentials certificate means that you can:

  • Reassure all your client base that you are actively securing your IT systems against attacks.
  • Assure potential clients that you have the correct measures for Cyber Security in place.
  • Demonstrate that you have a high-level picture of your Cyber Security landscape and system architecture.
  • Continue to work with the government as most government contracts will require you to have the Cyber Essentials certificate.

Cyber Essentials Deals

Siker offer the following options:

Online Consultation:

  • 2 hours online consultation
  • Relevant Documentation
  • QG Certification (£350 Submission fee payable to certifying body)
  • £250 per 2 hours with a consultant (Excluding VAT)

On-site Consultation:

  • On-site visit from a consultant
  • Relevant Documentation
  • QG Certification (£350 Submission fee payable to certifying body)
  • £750 per day for a consultant (Excluding VAT & travel)

We have consultants located in London and Edinburgh

What do we offer?

As part of the Cyber Essentials certification process, you will need to submit a self-assessment to a certification body. This ensures that the good practice guidelines set out by the certification bodies, (CREST, QG, etc) are adhered to, and that all of the five security controls have been achieved. As part of our consulting services, we offer two consultation options for helping you achieve the Cyber Essentials certification:

Online Consultation:

  • This option is for those who have the skills to prepare for the certification, but need some help understanding the security controls.
  • This option will include a 2-hour consulting session to assist with the controls in the questionnaire.
  • With this option you submit the self-assessment questionnaire to the relevant body after the consultation has finished.
  • A director of your company signs the self-assessment questionnaire.
  • An assessor from the relevant body then reviews and certifies the questionnaire.

 

On-site Consultation:

  • This option is for those who have little knowledge of cyber security or are unfamiliar with the Cyber Essentials certification security controls.
  • This option will include a 7-hour on-site consulting session, to assist with the controls in the questionnaire, understanding your infrastructure and the submission of the questionnaire to a certification body.
  • With this option you submit the self-assessment questionnaire with the consultant, after the consultant has spent time assisting with the preparation.
  • A director of your company signs the self-assessment questionnaire.
  • An assessor from the relevant body then reviews and certifies the questionnaire.

Voucher Scheme

Scottish Enterprise offer a voucher scheme for £1000 if your company satisfy the following criteria:

  • Are you a small or medium enterprise with fewer than 250 employees?
  • Do you have a registered base in Scotland?
  • Is your company currently trading?
  • Can you give us your ‘SC’ company registration number?
  • Does your business have a network connection?

Is your business already Cyber Essentials Certified? Vouchers are open to new applicants only. If you can answer ‘yes’ to ALL of these questions, simply follow the instructions on the Scottish Enterprise website by clicking on the button below.

Our Clients Include

Frequently Asked Questions

Why should I obtain Cyber Essentials?

The 5 security controls will provide the basic level of protection required and can provide a high level of protection against standard cyber-attacks. By properly implementing these controls budget savings will be realised through efficiency and resilience.

As the scheme gains credibility, larger organisations are beginning to request the certification if you wish to become (or remain) part of their Supply Chain as it provides independent verification of your security posture. This, in turn, will enhance your organisations reputation and open up new commercial opportunities by assuring them you take the security of their data seriously.

The UK Government now requires ‘suppliers of most contracts and services to hold a Cyber Essentials certificate’

What is required?

Complete a self-assessment questionnaire which must be signed off by a senior organisation representative. It is then evaluated and verified by an external certification body (note – they may require further follow-up questions answered). After this the certificate is then issued.

How long between submitting a questionnaire and receiving the certificate?

For Cyber Essentials, provided there is no requirement for follow-up questions, it is possible for the process only to take a few days. However, for normal timescales, plan on the process from application to issuing the certificate to take around 10 working days.

What is the Process?

The process described below describes the Siker onsite package.
– Purchase the CE package
– Arrange suitable date for consultant visit (allow one day)
– Hold pre-visit call to discuss what is required for the visit e.g. copies of policies, network diagrams, etc
– Host consultant and provide with all required information
– Consultant will complete questionnaire and return for review by submitting organisation.
– Once agreed, the questionnaire is signed by senior representative.
– The questionnaire is then submitted for review.
– If any further questions arise, the consultant will assist with the answering.

Where can we display our CE certificate?

Once successfully completing the process and receiving your certificate, you will receive a branding pack. This will include a copy of the correct CE badge for you to display on material such as:
– Websites
– Promotional material
– Letterheads
– Email signature blocks

Where is the list of CE certified organisations?

You can search by name on the NCSC website.

How do we re-certify?

This is an annual process and is akin to having a MOT for your security. It provides you with the opportunity to review and update any of the information required and then re-apply.

Find out more about Cyber Essentials Consultancy

CONTACT US

Registered office and postal address
Whiteleaf Business Centre,
11 Little Balmer,
Buckingham,
United Kingdom,
MK18 1TF

+44 (0)20 3441 7642
info@sikercyber.com

FOLLOW US

We have a regional office located in: Edinburgh, UK

Siker Ltd is registered in England & Wales
Company Registration Number No. 11208267

From Middle English meaning Secure, Safe, Stable.
From Old English meaning Secure from, Safe, Free from danger or harm.

Believe - Learn - Achieve