top of page
  • OCM Engineers

"Cyber Essentials Works!" Saqib Bhatti Parliamentary Under-Secretary of State for Tech and the Digital Economy

Updated: Jun 3

"Cyber Essentials Works!" Saqib Bhatti Parliamentary Under-Secretary of State for Tech and the Digital Economy

Cyber Essentials is a UK government-backed and industry-supported cybersecurity certification scheme.

It aims to help organisations protect themselves from common online threats by implementing a baseline of security controls.

Key Points:

  • Purpose: The main goal of Cyber Essentials is to protect businesses from common internet-based cyber-attacks. These attacks often target vulnerabilities in software and systems that haven't been updated or properly configured.

  • Five Technical Controls: The scheme focuses on five key technical controls:

  1. Firewalls: Protecting your internet connection.

  2. Secure Configuration: Ensuring software and hardware are set up correctly.

  3. User Access Control: Managing user accounts and access privileges.

  4. Patch Management: Keeping software up-to-date with the latest security patches.

  5. Malware Protection: Defending against viruses and other malicious software.

  • Two Certification Levels:

  • Cyber Essentials: Self-assessment questionnaire completed by the organization.

  • Cyber Essentials Plus: More rigorous assessment involving external vulnerability scans and internal infrastructure checks conducted by an approved assessor.

  • Benefits:

  • Reduced Risk:  Implementing Cyber Essentials controls significantly reduces the risk of falling victim to common cyberattacks.

  • Credibility: Demonstrates to customers, partners, and suppliers a commitment to cybersecurity.

  • Insurance Benefits: Some insurers offer reduced premiums for businesses with Cyber Essentials certification.

  • Government Contracts:  Often a mandatory requirement for bidding on certain government contracts.

Who is it for?

Cyber Essentials is suitable for organisations of all sizes and sectors. It's particularly beneficial for small and medium-sized enterprises (SMEs) that might not have the resources for complex cybersecurity measures.

The history of Cyber Essentials starts in 2014

Inception and Launch (2014):

  • Motivation: Born out of a growing concern for cyber threats targeting UK businesses, especially small and medium enterprises (SMEs).

  • Collaboration: Developed in partnership with industry experts like the Information Security Forum (ISF), Information Assurance for SMEs Consortium (IASME), and the British Standards Institution (BSI).

  • Government Backing:  Launched in June 2014 by the UK government, specifically the Department for Business, Innovation and Skills (now the Department for Business and Trade).

  • Immediate Adoption: Quickly gained traction with several organizations certified by the end of the month.

Government Mandate (2014):

  • Mandatory Certification: Starting in October 2014, Cyber Essentials certification became a requirement for suppliers to the central UK government handling specific types of sensitive and personal information.

  • Driving Adoption: This move incentivized widespread adoption across the business landscape, particularly for those aiming to win government contracts.

OCM Communications Limited Cyber Essentials Certificate

Cyber Essentials Plus (Introduction):

  • Enhanced Assurance: A higher level of certification, Cyber Essentials Plus, was introduced to provide more rigorous testing.

  • Independent Verification: This scheme includes an on-site technical verification of an organization's security controls.

OCM Communications Limited Cyber Essentials Plus Certificate

Evolution and Growth:

  • Over 53,000 Certifications: The scheme has seen remarkable success, with over 53,000 certificates awarded to date.

  • Recognition: Increasingly recognised by insurers and businesses as a mark of basic cybersecurity hygiene.

  • Updates (2022):  The technical requirements and question sets were updated in January 2022 to keep pace with evolving cyber threats.

And Now OCM Communications Limited are a Cyber Essentials Certification Body!

On behalf of our clients OCM has taken the next step.

Not only can we help businesses achieve the standards of Cyber Essentials and Cyber Essentials Plus but now we are a licensed Cyber Essentials Certification Body and can award certification to our clients who meet the standard.

To get started with Cyber Essentials, simply choose one of our packages, We will then guide you through every step of the way to ensure you pass Cyber Essentials first time - including providing any new policies or training needed for your team.

Alternatively you can book a no obligation, free consultation by clicking the button below :-


Commenting has been turned off.
bottom of page