Get certified quickly with expert guidance. We handle the technical complexity so you can win contracts and reduce insurance premiums.
Cyber Essentials is a UK government-backed certification that proves your organisation has essential cybersecurity controls in place. It's increasingly required for government contracts, supply chain relationships, and can reduce cyber insurance premiums by up to 10%.
Without expert guidance, the certification process can be confusing and time-consuming. We've helped dozens of organisations achieve certification efficiently—typically within 2-4 weeks.
Most clients achieve Cyber Essentials certification within 2-4 weeks with our guided support. Cyber Essentials Plus typically takes 4-6 weeks including technical audit.
Self-assessment questionnaire verified by an independent certification body. Suitable for most small to medium businesses.
From £495 + certification body fees
Includes gap analysis, remediation guidance, and questionnaire support
Includes hands-on technical verification by certified auditors. Required for high-value government contracts and sensitive data handling.
From £1,495 + certification body fees
Includes full technical audit, remediation support, and re-testing if needed
Note: Certification body fees (£300-500 for CE, £500-800 for CE+) are paid directly to the accredited certification body and are not included in our service fees.
Cyber Essentials certification verifies that you have these five fundamental security controls properly implemented across your organisation.
Properly configured boundary firewalls and internet gateways to prevent unauthorised access to your network and systems.
Devices configured securely with unnecessary features disabled, default passwords changed, and administrator access controlled.
Appropriate user accounts, strong password policies, multi-factor authentication, and limited administrator privileges.
Up-to-date antivirus/anti-malware protection on all devices, with regular scanning and automatic updates enabled.
Timely application of security patches for operating systems, software applications, firmware, and mobile devices used for business purposes.
We conduct a comprehensive gap analysis of your current security posture against the Cyber Essentials requirements. You'll receive a clear report identifying what's compliant and what needs attention.
We implement the necessary security controls and configuration changes to bring you into compliance. This might include firewall configuration, enabling MFA, deploying antivirus, or adjusting user access policies.
We guide you through the self-assessment questionnaire (or complete it on your behalf with your approval), ensuring accurate and complete responses that align with your actual technical implementation.
We submit your completed assessment to an accredited certification body. For Cyber Essentials Plus, we coordinate the technical audit and ensure your systems are ready for testing.
Once approved, you receive your official Cyber Essentials certificate and badge, valid for 12 months. We'll remind you before renewal is due and help you maintain compliance year-round.
Most organisations fail their first assessment due to these easily-fixed issues. We identify and remediate them before submission.
No length requirements, no MFA, shared accounts, or default passwords still in use.
Users with unnecessary admin rights, no separation between standard and admin accounts.
Missing security patches, end-of-life operating systems, or disabled automatic updates.
Missing antivirus on some devices, disabled scanning, or out-of-date definitions.
Default firewall rules, unnecessary ports open, or personal devices bypassing security.
Personal phones accessing company data without encryption or remote wipe capability.
Cyber Essentials certification is valid for 12 months, but maintaining compliance requires ongoing attention. Our managed IT clients benefit from continuous monitoring and automated updates that keep them compliant between renewals.
Not currently a managed services client? We can provide annual compliance reviews as a standalone service to ensure you remain audit-ready.
Start with standard Cyber Essentials unless you specifically need Plus. You'll need Plus if: you're bidding on central government contracts handling personal data, a client specifically requires it, or you want the highest level of assurance for insurance purposes. Most supply chain and tender requirements are satisfied by standard Cyber Essentials.
With our support, most organisations achieve standard Cyber Essentials within 2-4 weeks. Cyber Essentials Plus takes 4-6 weeks due to the technical audit scheduling and potential remediation. Timeline depends on your current security posture and how quickly gaps can be addressed.
Certification bodies typically charge £300-500 for Cyber Essentials and £500-800 for Cyber Essentials Plus. These fees are paid directly to the accredited certification body (such as IASME or Crest) and cover their independent verification and certificate issuance. Our fees cover the technical work and guidance to get you ready for certification.
With proper preparation, failure is rare. If any gaps are identified during the certification body review, we'll help you remediate them and resubmit at no additional charge (within reason). For Cyber Essentials Plus, if technical issues are found during the audit, we'll fix them and coordinate re-testing.
Absolutely. Many clients return to us annually for renewal support. If you're a managed services client, we'll proactively monitor your compliance throughout the year and make renewal straightforward. One-off certification clients can engage us again for renewal at a reduced rate since we already know your environment.
Yes. If you already have an IT support provider but need Cyber Essentials expertise, we can work alongside them as consultants. We'll conduct the assessment, provide remediation guidance they can implement, and handle the certification body liaison. Alternatively, we can take full ownership of the technical work if preferred.
Schedule a free consultation to discuss your certification needs and timeline. We'll assess your current security posture and provide a clear path to compliance.
Book a Free AssessmentOr call us to discuss your specific requirements