
Cyber Essentials_
Prove your cyber security credentials and build strong foundations by meeting protective requirements, as set by the National Cyber Security Centre.
Speak to our specialistsWhat is Cyber Essentials?
Cyber Essentials is a UK government-backed certification scheme that helps businesses protect themselves against common cyber threats.
It provides a framework of security controls and best practices that organisations can implement to reduce their risk of a cyber attack.
To achieve Cyber Essentials certification, businesses must demonstrate that they have implemented a set of technical controls and pass a self-assessment. These include strong password policies, firewall and router configuration, patch management, malware protection and secure network segmentation.
Speak to a specialist
Why do you need Cyber Essentials?
Cyber Essentials allows businesses to protect themselves from the ever-growing threat of cyber attacks. By implementing the security controls outlined in the scheme, you can significantly reduce the risk of falling victim to common cyber threats.
Cyber Essentials also provides a valuable assurance to customers, suppliers and other stakeholders. The certification demonstrates that you have taken reasonable steps to safeguard their data, which can enhance trust and credibility.
In addition, Cyber Essentials can help you comply with various industry regulations and standards, which may also help you win additional opportunities and close contracts.
Speak to a specialist
What are the benefits of Cyber Essentials?
Reduce risk: Gain a framework of security controls that can significantly reduce the risk of common cyber threats
Enhance stakeholder confidence: Demonstrate your proven ability to protect data, enhancing trust and credibility among stakeholders and customers
Improve compliance: Comply with various industry regulations and standards that require adequate cyber security measures
Minimise loss: Protect your business from financial losses due to data breaches, ransomware and other cyber incidents
Protect your reputation: Avoid cyber attacks that damage your reputation and bring negative publicity
Drive efficiency: Improve your IT security practices for better operational efficiency and reduced downtime
Reduce insurance premiums: Spend less on insurance, with proof you’re less likely to face cyber attacks
Obtain supply chain preference: Become a more trusted part of the supply chain, enabling you to win more opportunities and partner with businesses
How do Infinity Group support with Cyber Essentials?
We’ve worked with many clients across industries and business types to undertake their Cyber Essentials audits. Our Cyber Essentials certification packages include an audit of your current on-premises and cloud setup, including a list of recommendations in line with Cyber Essentials’ strict certification criteria. Most crucially, they’re affordable.
Cyber Essentials Plus is an independent technical audit of the CE framework, strengthening confidence is your security. We can arrange for you to undertake an assessment for this once you have received Cyber Essentials certification. We can also support you in meeting the criteria required for this.
We’ve also created a Cyber Essentials checklist to guide you through the steps of attaining certification – all of which we can support with.

Cyber Essentials key areas_
Framework of security controls: Gain a comprehensive set of security controls to protect their IT systems and data, covering firewalls to passwords
Certification process: Your business must demonstrate that its implemented the required security controls. This involves a self-assessment process and potentially an independent assessment by a certified assessor
Flexibility: Cyber Essentials is adaptable to businesses of all sizes and sectors. This means that businesses can tailor their approach to meet their specific needs
Cyber Essentials Plus: A more enhanced version of the certification scheme that provides additional protection against more advanced cyber threats, using threat intelligence, security monitoring and incident response
Cyber Essentials FAQs_
Who is Cyber Essentials suitable for?
Cyber Essentials is suitable for businesses of all sizes and sectors. It is particularly relevant for businesses that handle sensitive customer or financial data.
What are the core controls of Cyber Essentials?
The core controls of Cyber Essentials include:
- Firewalls (at boundaries with internet from your premises, cloud services, and individual computers)
- Secure configuration (of user accounts, devices, firewalls, cloud services, etc.)
- Security update (patch) management
- User access control (including passwords, MFA, PIN’s)
- Malware protection (including mobile device controls)
How long does it take to achieve Cyber Essentials certification?
The time it takes to achieve Cyber Essentials certification varies depending on the business’s existing security practices and the complexity of its IT infrastructure. However, it is typically possible to achieve certification within a few months.
Can I use Cyber Essentials to demonstrate compliance with other security standards?
Yes, Cyber Essentials can form part of meeting compliance with other security standards and management systems, such as ISO 27001. However, it is important to note that Cyber Essentials is not a complete security standard on its own.
What is Cyber Essentials Plus?
Cyber Essentials Plus is a certification scheme designed to help businesses protect themselves against common cyber threats. It’s an independent technical audit of the CE framework, strengthening confidence is your security.
To achieve Cyber Essentials Plus certification, businesses must implement the same security controls as Cyber Essentials, including:
- Firewalls (at boundaries with internet from your premises, cloud services, and individual computers)
- Secure configuration (of user accounts, devices, firewalls, cloud services, etc.)
- Security update (patch) management
- User access control (including passwords, MFA, PIN’s)
- Malware protection (including mobile device controls)
Once a business has implemented these controls, they can apply for Cyber Essentials Plus certification. An independent assessor will then review the business’s security practices to ensure that they meet the certification requirements.
We would love
to hear from you_
Our specialist team of consultants look forward to discussing your requirements in more detail and we have three easy ways to get in touch.