Cyber Essentials

Pentest People are a Cyber Essentials Certifying Body and can help you at all stages of your Cyber Essentials accreditation journey.

Cyber Essentials is a UK Government led and industry-backed scheme that helps organisations of all sizes protect themselves against common cyber-security threats.

From the 1st October 2014, the UK Government requires all suppliers bidding for contracts involving the handling of certain sensitive and personal information to be certified against the Cyber Essentials scheme.

There are currently two levels of certification, Stage 1 which is the basic level and Stage 2 which is also referred to as Cyber Essentials Plus. Pentest People can help you with the full certification at both levels including performing the certification assessment.

Recieve a UK Government recognised Security Accrediation for your business

Be listed on a Government Directory of organisations awarded Cyber Essentials

Attract new business with the promise you have cyber security measures in place

We can help you through Cyber Essentials and Cyber Essentials Plus for a guaranteed pass

Cyber Essentials (Stage 1)

The initial level of Cyber Essentials certification is delivered through SecurePortal as a self-assessment questionnaire that covers the five technical controls and then an external vulnerability scan of your external facing network.

You are assessed against the answers to your questionnaire and the results of the external vulnerability scan. Stage 1 certification awards the Cyber Essentials accreditation and associated use of the logo.

More info on Cyber Essentials

Cyber Essentials Plus (Stage 2)

The more advanced level of certification relies upon the same protections as Stage 1 but the certification is carried out on your business premises and also includes an internal vulnerability scan of a common workstation build.

Your antivirus protections both via the web and email are manually tested whilst onsite to ensure that your tools of choice are protecting the level of protection required to achieve Cyber Essentials Plus.

You are assessed against the answers to your questionnaire and the results of the external vulnerability scan. Stage 2 certification awards the Cyber Essentials Plus accreditation and associated use of the logo.

In order to achieve Stage 2 certification, you have to first achieve Stage 1 certification.

More info on Cyber Essentials Plus

How Can We Help?

Pentest People are a Cyber Essentials Certifying Body and can perform and accredit you to both Stage 1 and Stage 2 of Cyber Essentials.

As well as the certification, Pentest People can also offer consultancy services including a GAP analysis against the 5 technical controls to ensure that you have adequate controls in place before you undertake a paid Stage 1 assessment.

Download the CREST Cyber Essentials Guide

More information about Cyber Essentials can be found on the NCSC Cyber Essentials Homepage.

Find Out more

Key Benefits

With Cyber Essentials & Cyber Essentials Plus you can let companies & customers know you take your security posture seriously

Reassure your existing and potential customers that you take cyber-security seriously
Be listed on the UK Government Directory of organisations awarded Cyber Essentials
Attract new business with the promise you have cyber-security measures in place backed up with a recognised accreditation
Be able to remediate any identified vulnerabilities within your organisations network infrastructure
Have the confidence that you are protected from the most common cyber-security risks within your organisation

Frequently
Asked Questions

What is the Cyber Essentials Scheme?

Cyber Essentials is a scheme led by the UK Government to help organisation protect themselves against common cyber-security threats. There are two levels of certification that both demonstrate an ability to implement technical controls relating to information security.

What is the difference between Cyber Essentials and Cyber Essentials Plus?

Cyber Essentials is Stage 1 Consists of a Self Assessment Questionnaire and external vulnerability assessment of your Internet-facing infrastructure.

Cyber Essentials Plus is Stage 2 extends Stage 1 by performing an onsite assessment of security controls including an internal authenticated scan of your workstations and mobile devices.

How long does certification take?

A Vulnerability Scan is performed by a software tool that scans the network and checks available services for known vulnerabilities. A Penetration Test takes this one step further and uses a consultant to check for vulnerabilities that an automated scanner cannot find as well as to manually confirm any identified vulnerabilities.

What do we receive once certified?

When you have undertaken your assessment and met all of the requirements of Cyber Essentials or Cyber Essentials plus you will receive the following:

- An official PDF of your Cyber Essentials Certificate.

- A compliant report detailing all findings from the
assessment along with any recommendations where
appropriate.

- High-resolution Cyber Essentials logos along with
branding guidelines on how to use the logos on your
website and marketing materials.

- Your organisation will be listed on the Government
Website that shows your level of certification.