Cyber Essentials

A Government-backed scheme detailing the cybersecurity controls that could prevent up to 80%* of cyber attacks.

Cyber EssentialsThe threatsYour needs


Following Cyber Essentials is the recommended first-step to reduce the risk of cyber attacks for your business.


Cyber Essentials is designed and maintained by HM Government through the National Cyber Security Centre.


Cyber Essentials details the security controls that should be in place to secure against 80%* of common cyber threats.


Cyber Essentials is supportive in complying with the GDPR and often attracts a premium discount for cyber insurance.

What is Cyber Essentials?

Cyber Essentials is two things; it is (a) a technical specification, and (b) a certification.

(a) Technical specification

Implementing and regularly reviewing the Cyber Essentials technical controls will protect your business against common cyber threats.

(b) Certification

Optional unless demanded - obtaining the certificate will show that you take cybersecurity seriously and enable you to bid for Government contracts.

Increasing demand for certification

Cyber Essentials was created to assist in bringing all businesses up to a minimum benchmark of cybersecurity to better secure the British economy. As such demand for certification is ever-increasing, including:

Local & Central Government contracts.

HS2 rail project subcontractors.

Lexcel Accredited Legal Practices (Law Society).

CQS Accredited Legal Practices (Law Society).

The threats

Cyber Essentials addresses the most common internet-based threats, namely those that use widely available tools and require little skill. This includes:


And other ways of tricking users into installing or executing a malicious application.

Password guessing

Manual or automated attempts to log on from the internet, by guessing passwords.


Exploiting known vulnerabilities in internet-connected devices, using widely available tools and techniques.

The technical requirements

Cyber Essentials details a specific set of technical controls for how your IT systems should be configured, and governed through HR policy, to reduce these threats. It covers five areas:

Secure your internet connection.

Secure your devices and software.

Control access to your data and services.

Protect from viruses and other malware.

Keep your devices and software up to date.

Understanding your needs

Which best describes your business?

We are concerned about the increasing risk

Proactive risk management is critical. You need confidence that activity is beneficial.

Cyber Essentials is the recommended first-step; and it is HM Gov's minimum benchmark.

Prevent 80%* of common attacks. Learn more →

We need to get or renew our Cyber Essentials certificate

Save your time and money, and avoid the common headaches created by annual certification.

Use Cyber AMI for supercharged DIY in plain-English with fast track certification.

Your certification is guaranteed. Learn more →