What is Cyber Essentials and What has changed in 2020

You have heard about Cyber Essentials. Either one of your tender's documents asked for it or a client of yours asked for it or you just want to go through the process and achieve the certification. Good. You heard many different things about Cyber Essentials but none of them are very clear. So what exactly is Cyber Essentials?

What is Cyber Essentials?

Cyber Essentials is a certification for businesses that was introduced and backed by the UK government and supported by the industry. When the past Cyber attacks were analyzed 85% of the most common cyber attacks could have been prevented by achieving fundamental cyber hygiene. That’s how the Cyber Essentials certification was born. As the name suggests it looks at the essentials of Cyber Security in your business.

There are 5 different areas the business needs to achieve compliance in order to achieve the certification. They are Firewalls, Secure configuration, User Access controls, Patch Management, and Malware management. For more information please refer to our blog post ‘Everything you need to know about Cyber Essentials’.

Why are the Cyber Essentials important?

Cyber Essentials certification has been increasingly important and being asked in a number of tender documents now. Cyber Essentials has the benefits of staying ahead of the competition, showing your commitment to Cyber Security, and most importantly, most government contracts require you to have the Cyber Essentials Certification in place. For more information please visit our blog ‘Why Cyber Essentials is important?


What’s changed for Cyber Essentials in 2020?

Cyber Essentials certification was first introduced in 2014 in the UK and ever since there have been 5 accreditation bodies. Each accreditation body has several Certification bodies under them. All the 5 accreditation bodies had their own process for going through Cyber Essentials and Cyber Essentials Plus certifications. However, in 2019, National Cyber Security Centre (NCSC) has decided to streamline the process of achieving accreditation and have only one accreditation body to issue the certificates. IASME, one of the accreditation bodies from the 5 won the tender to manage the Cyber Essentials program in the UK.

From 1st April 2020, there has been only one accreditation body looking after the Cyber Essentials certification. All the certification bodies have to be registered with IASME. IASME set out the standard criteria to become the Certification body and also has the process to achieve the Cyber Essentials certification.

The most noticeable change is if a business is looking to achieve Cyber Essentials Plus certification it has to achieve the Cyber Essentials certification first. Once passed, apply for the Cyber Essentials Plus certification. In short, you will need both to achieve the advanced level of the certification.

If the business fails in Cyber Essentials the business will have 3 days to fix the issues and re-apply without any penalties/extra costs. For Cyber Essentials Plus it's 15 days. Please look at our blog post ‘How do I pass Cyber Essentials’ to know what’s needed for Cyber Essentials.

I hope this blog has shed some light on Cyber Essentials and its changes. Do get in touch if you have any further questions at all. Our contact details are below. Cheers

Get certified today

Step 1: Organisation Size

Step 2: Pick Cyber Essentials Package

  • Cyber Essentials Basic - CEB001

    £300 + VAT


    2 Days for Remediation

    1 Day Turnaround

    £25k Cyber Insurance*

    The package explained

    *Insurance details are on IASME website

  • Guided Cyber Essentials - CEB002

    £500 + VAT

    Everything in CEB001 plus


    Online/Phone Support

    *Insurance details are on IASME website

  • Cyber Essentials Plus - CEP001

    £1500 + VAT

    Everything in CEB002 Plus

    30 Day Remediation

    Systems Audit (remote)

    *Insurance details are on IASME website

  • Guided CE Plus - CEP002

    £2500 + VAT

    Everything in CEP001 plus

    Pre- systems Audit

    Gap Analysis report



    *Insurance details are on IASME website

Related Articles


Back to start
aberdeen skyline graphic