Cyber Essentials

Government-Backed

Guaranteed Certification

Improved Security

For All Businesses

Demonstrate your commitment to cyber security while guarding against the most common cyber-attacks with a Cyber Essentials accreditation.

Through our trusted partners, Carrera UK’s IT engineers will assess your IT systems against the Cyber Essentials criteria and help adjust your systems (if needed) to secure your certification. Our technicians provide an in-depth consultancy service to ensure that your business gains its Cyber Essentials accreditation quickly.

Quick Quote

Cyber Essentials is a UK government-backed cybersecurity certification scheme that was created to help businesses protect themselves against common cyber threats. The Cyber Essentials scheme consists of a questionnaire to verify that your business’s IT system meets the requirements. The five areas assessed are:

Secure Configuration: ensuring that systems are configured securely and that vulnerabilities are kept to a minimum.
Boundary Firewalls and Internet Gateways: making sure that firewalls are in place to protect your business’s networks from unauthorised access and that traffic is filtered effectively.
Access Control: making sure that there are appropriate controls in place to ensure that only authorised users can access systems and data.
Malware protection: protecting systems from malware and other malicious software, including viruses and Trojans.
Patch Management: ensuring that systems are kept up-to-date with the latest security patches

The Cyber Essentials certificate is valid for one year. Businesses should renew their certification annually to continue demonstrating their compliance and maintain their accreditation.

Steps to Gaining Your Cyber Essentials Certification

A member of our team will call to discuss your IT systems with you and take the time to understand how your business uses them.

Areas of cyber-security concern will be highlighted by our team. We will use our expert knowledge to create a solution to resolve the vulnerability, with as little disruption to your business as possible.

The recommended solutions will be implemented and checked against the Cyber Essentials criteria.

Our dedicated team member will complete the questionnaire on your behalf before it is audited by our partners to ensure that you gain your certification.

The questionnaire is submitted for approval. Upon success, your business will receive its Cyber Essentials Certification.

We Guarantee Your Cyber Essentials Certification

Our IT engineers have vast experience in gaining Cyber Essentials accreditations for our customers – we know exactly what is required from the assessment and how to make sure your IT system passes. Not only this, but if you are an existing Carrera customer, our engineers will know your infrastructure, how your business uses it, and it is likely that we built and configured it for you, therefore, we will be able to earn your certification quicker than other providers.

If your IT systems are built correctly, many of the security features required for Cyber Essentials will already be built into your system so may only need small (if any) adjustments to pass. If in the unlikely event your business fails the assessment, for example, if you are using unsupported software, a report will be provided with changes that need to be made to your system. Our engineers will make the necessary changes within resubmit your assessment at no extra charge.

Quick Quote

Cyber Essentials Plus

Once you have gained your Cyber Essentials Certification, your business may wish to go one step further and gain its Cyber Essentials Plus Certification. The Cyber Essentials Plus certification takes the 5 areas assessed in Cyber Essentials, and verifies that they are in place and working. This is verified by an external vulnerability scan on your business’s network. The Plus certification demonstrates to your clients and other stakeholders that your business has taken extra steps to ensure that the cyber-security measures are effective. Cyber Essentials Plus may also be required to meet contractual or regulatory requirements.

Cyber Essentials Plus follows a similar process as Cyber Essentials. Our team will recommend and make necessary adjustments to your IT systems, and complete and submit the questionnaire on your behalf. Through our trusted partners, an external vulnerability scan will be carried out on your IT systems to verify the answers provided in the questionnaire. Our expert team are on hand to guide your business through the process, making it as smooth as possible.

FAQs

Why should my business have a Cyber Essentials Certification?

A cyber essentials certification has many benefits to businesses including:

Compliance: Many organisations, particularly those in regulated industries, are required to comply with specific cybersecurity standards. The Cyber Essentials certification demonstrates that your business meets a basic level of cybersecurity requirements, which can help you meet compliance requirements.
Protection against common cyber threats: The Cyber Essentials scheme covers basic but essential security controls that can protect against common cyber threats. This includes measures such as boundary firewalls, malware protection, and patch management, which can help prevent cyber-attacks and data breaches.
Competitive advantage: Obtaining Cyber Essentials certification can give your business a competitive edge, demonstrating to customers and partners that you take cybersecurity seriously and that you are taking steps to protect their data.
Reputation: A cyber-attack can cause severe reputation damage to a company, regardless of the size. A certification like Cyber Essentials demonstrate a proactive approach to cyber-security and can provide some protection for the reputation of the business in case of an attack.
Contract work: Many organisations including the UK Government will require a Cyber Essentials certification to handle sensitive data or provide technical products and services. Your business will need to obtain the Cyber Essentials certification before bidding for a contract.

How is Cyber Essentials assessed?

Cyber Essentials is assessed through a verified questionnaire about your business’s IT systems. The questionnaire is reviewed by an external certification body. The certification body will then evaluate the results of the self-assessment questionnaire to determine whether the business meets the Cyber Essentials requirements and a Cyber Essentials certificate can be awarded.

Does my business need to change its IT infrastructure to pass Cyber Essentials?

Many of the security features required by Cyber Essentials are built into modern IT infrastructures if they are built and configured correctly by experienced engineers. If you already have a cyber security policy in place, your business may already be meeting the Cyber Essentials requirements, and you just need a completed questionnaire validate the certification. Small adjustments, such as adding multifactor authentication to email accounts, may be required in order to pass the assessment but these do not usually have a large impact on your employees. If your hardware or software is outdated, upgrades may be required. Our team will carry out these upgrades with as little disruption to your business as possible.

What if my business fails the Cyber Essentials assessment?

Our engineers will complete the Cyber Essentials questionnaire to check that your IT systems meet the requirements before it is submitted for review. In the unlikely event that your business fails the assessment, for example, an outdated software is found on the system, a report will be provided with changes that need to be made to your system. Our engineers will make the necessary changes and resubmit your assessment at no extra charge.

How quickly can my business get Cyber Essentials certified?

The Cyber Essentials assessment process can be completed in just a few working days.

How long does the Cyber Essentials Certification last for?

All Cyber Essential certificates expire after 12 months. Before it expires, your business should be reassessed to continue having the Cyber Essentials accreditation.

What is the difference between Cyber Essentials and Cyber Essentials Plus?

Cyber Essentials and Cyber Essentials Plus both assess 5 key areas of your business’s cyber security using a questionnaire submitted for review. Cyber Essentials Plus goes one step further by conducting an external vulnerability scan to verify the answers in the questionnaire. This proves that security measures are in place and working effectively to protect your business and its data against the most common cyber threats.

Related Services

Penetration Testing

Verify your business’s cyber security for vulnerabilities with penetration testing of your network and IT systems.

Acronis Backups

We will ensure that your business’s data is protected by using industry-leading, secure, encrypted backups

Acronis Antivirus

Acronis uses cutting-edge technology in antivirus, anti-malware and anti-ransomware giving your business industry-leading protection.