Cyber Essentials

 

Cyber Essentials Certification

    

Armadillo Sec are certified by CREST as a Cyber Essentials certifying body offering certification for Cyber Essentials Basic (stage 1) and Cyber Essentials Plus (stage 2).

We offer unlimited help and guidance throughout the process at no extra charge, to help you obtain your Cyber Essentials certification.

Watch our quick and simple Video Guide, use our Pricing Tool to calculate your certification cost and Download the self assessment questionnaire for free before committing to buy.

Cyber Essentials is a Government-backed, industry supported scheme to help organisations protect themselves against common cyber attacks.

According to the UK Government, 80% of cyber attacks could be prevented if organisations put simple cyber security controls in place.

The Cyber Essentials scheme identifies some fundamental security controls that organisations should have in place to secure themselves against common cyber threats.

A simple virus or piece of malware could result in loss of company and client data, disrupt your cashflow and take up staff time.  An attack could also put off your customers, stop you trading and damage your hard-earned reputation.  Loss of data could breach the Data Protection Act and lead to fines or prosecution.

Obtaining the Cyber Essentials certification will:

  • Protect your organisation against common cyber threats
  • Show your customers you take cyber security seriously
  • Enable you to bid for Government contracts

Achieving the certification will also allow you to use the Cyber Essentials badge to advertise that your organisation meets a Government-endorsed standard.

Cyber Essentials Basic - Stage 1

This is a self-assessment certification that combines a security questionnaire and an external vulnerability scan of Internet facing systems for your organisation.  We will review the self-assessment questionnaire and external vulnerability assessment results, and if both areas pass you will be issued a Cyber Essentials certificate and can use the certified badge.

The following key areas are assessed:

  • Boundary firewalls and Internet gateways
  • Secure configuration
  • Patch management

Stage 1 assessments are all conducted remotely, no onsite visit is required.

Step 1

We will issue you a self-assessment questionnaire that must be completed and returned.

Step 2

We will schedule and conduct an external vulnerability assessment against your Internet facing systems.

Step 3

We will review the results from steps 1 and 2 and issue a pass or fail. If you pass, we will issue your Cyber Essentials certificate. If you do fail, we can work with you to help you prepare and conduct a re-test.

Cyber Essentials Plus - Stage 2

This combines a  self-assessment security questionnaire, an external vulnerability scan of Internet facing systems as well as authenticated vulnerability scans of your internal workstations and mobile devices.  We will review the self-assessment questionnaire and external vulnerability assessment results, then arrange an onsite visit to test your internal workstations and mobile devices. If all elements of testing  pass you will be issued a Cyber Essentials Plus certificate and can use the certified badge.

The following key areas are assessed:

  • Secure configuration
  • Access control
  • Malware protection
  • Patch management

Step 1

We will issue you a self-assessment questionnaire that must be completed and returned.

Step 2

We will schedule and conduct an external vulnerability assessment against your Internet facing systems.

Steps 3 - 5 require a visit at your offices to assess the following:

Step 3

Authenticated vulnerability scan of internal workstations.

Step 4

Email and web download protection against malicious file types.

Step 5

Mobile device and tablet basic security review (pin code protection and malware).

We are able to turnaround Cyber Essentials Basic assessments typically within 24-48 hours. We understand you may need the certification fast in order to do business with other companies, so we respond quickly.

For Cyber Essentials Plus assessments we are very flexible and will work with you to identify the best date and time to conduct our on-site visit to your premises.

Watch Our Cyber Essentials Video Guide

We have made a quick and simple how to video guide to explain the process.

Cyber Essentials Pricing Calculator

Use our pricing tool to calculate the costs for Cyber Essentials Basic and Cyber Essentials Plus certifications. Calculate the cost for new certifications, renewals, retest and upgrades from basic to plus.

Buy Cyber Essentials Online

You can buy online by selecting one the certifications and options below:

Cyber Essentials Questionnaire Download

If you would like to view the Cyber Essentials questionnaire before purchasing, you can download this for free below.

cyber essentials questionnaire

Cyber Essentials Questionnaire

Free Download

cyber essentials questionnaire download
If you are considering the Cyber Essentials certification, but unsure about the self-assessment questionnaire you can download this for free to review. This will help you see what is required before paying for an assessment.

What Our Customers Say About Us

Don’t just take our word for it, see our feedback from customers we have already certified.

Cyber Essentials | Cyber Essentials Certification | Cyber Essentials Scheme Overall rating: ★★★★★ 4.9 based on 10 reviews
5 1

Frequently Asked Questions

Certifications do not expire, however it is recommended to re-certify every 12 months to ensure your environment and processes are secure.

You can re-apply and the re-test cost is dependent on which area has failed. If we need to re-run the vulnerability scan for all systems previously scanned, the normal cost is 40% of the original cost paid. If however, it is just the verification of a very small issue we usually do not charge for this. We do not charge to re-assess the self-assessment questionnaire.

Cyber Essentials Basic is included as part of the Cyber Essentials Plus certification, so there is no need to purchase Cyber Essentials Basic, if you are going straight for the Plus.

This depends on the certification body that you used for the Basic assessment and how recent the certification is. However, in most cases we can use the questionnaire already completed without having to start again. We offer upgrade paths at a discounted cost if you already hold the Basic certification.

All Cyber Essentials certifications require organisations to complete a questionnaire to self-certify on the organisation's security controls and configurations, however CREST Certifying Bodies also conduct a remote vulnerability scan to validate elements of the questionnaire.

Cyber Essentials Plus also includes authenticated vulnerability scans of the organisation's workstations and mobile devices and this additional phase of testing increases the validity of the certification considerably by providing evidence of compliance against the following scenarios:

  • Can malicious files enter the organisation from the Internet through either web traffic or email messages?
  • Should malicious content enter the organisation, how effective are the anti-virus and malware protection mechanisms?
  • Should the organisation's protection mechanisms fail, how likely is it that the organisation will be compromised due to failings in the patching of the organisations workstations?

Cyber Essentials Plus is a more thorough assessment of the organisation and, as a result, may provide greater security assurance.

More information relating to Cyber Essentials scheme can be found at the following official site:

https://www.cyberessentials.org/

Ready to become certified?

misson banner scs
Cyber Essentials | Cyber Essentials Certification | Cyber Essentials Scheme
< BACK