Cyber Essentials

 

Cyber Essentials Certification

Armadillo Sec are certified by CREST as a Cyber Essentials certifying body offering certification for Cyber Essentials Basic (stage 1) and Cyber Essentials Plus (stage 2).

cyber-essentials-certificate-pack

We offer help and guidance throughout the certification process at no extra charge. Should you fail the Basic assessment we will perform a retest free of charge once you rectify any issues. For Plus certifications we only charge for internal retesting if required.

All certifications now include our exclusive Armadillo Certification Pack which includes a high quality printed certificate along with a Cyber Essentials sticker pack so that you can display your certification status and your commitment to cyber security.

Read our Feedback from customers we have already certified, watch our quick and simple Video Guide, use our Pricing Tool to calculate your certification cost and Download the self assessment questionnaire for free before committing to buy.

We offer help and guidance throughout the process at no extra charge. Should you fail the Basic assessment we will perform a retest free of charge once you rectify any issues. For Plus certifications we only charge for internal retesting if required.

All certifications now include our exclusive Armadillo Certification Pack which includes a high quality printed certificate along with a Cyber Essentials sticker pack so that you can display your certification status and your commitment to cyber security.

Read our Feedback from customers we have already certified, watch our quick and simple Video Guide and Download the self assessment questionnaire for free before committing to buy.

Cyber Essentials is a Government-backed, industry supported scheme to help organisations protect themselves against common cyber attacks.

According to the UK Government, 80% of cyber attacks could be prevented if organisations put simple cyber security controls in place.

The scheme identifies some fundamental security controls that organisations should have in place to secure themselves against common cyber threats.

A simple virus or piece of malware could result in loss of company and client data, disrupt your cashflow and take up staff time.  An attack could also put off your customers, stop you trading and damage your hard-earned reputation.  Loss of data could breach the Data Protection Act and lead to fines or prosecution.

Obtaining the certification will:

  • Protect your organisation against common cyber threats
  • Show your customers you take cyber security seriously
  • Enable you to bid for Government contracts

Achieving the certification will also allow you to use the Cyber Essentials badge to advertise that your organisation meets a Government-endorsed standard.

Cyber Essentials Basic - Stage 1

This is a self-assessment certification that combines a security questionnaire and an external vulnerability scan of Internet facing systems for your organisation.  We will review the self-assessment questionnaire and external vulnerability assessment results, and if both areas pass you will be issued a Cyber Essentials certificate and can use the certified badge.

The following key areas are assessed:

  • Boundary firewalls and Internet gateways
  • Secure configuration
  • Patch management

Stage 1 assessments are all conducted remotely, no onsite visit is required.

Step 1

We will issue you a self-assessment questionnaire that must be completed and returned.

Step 2

We will schedule and conduct an external vulnerability assessment against your Internet facing systems.

Step 3

We will review the results from steps 1 and 2 and issue a pass or fail. If you pass, we will issue your certificate. If you do fail, we can work with you to help you prepare and conduct a re-test.

Cyber Essentials Plus - Stage 2

This combines a  self-assessment security questionnaire, an external vulnerability scan of Internet facing systems as well as authenticated vulnerability scans of your internal workstations and mobile devices.  We will review the self-assessment questionnaire and external vulnerability assessment results, then arrange an onsite visit to test your internal workstations and mobile devices. If all elements of testing  pass you will be issued a Cyber Essentials Plus certificate and can use the certified badge.

The following key areas are assessed:

  • Secure configuration
  • Access control
  • Malware protection
  • Patch management

Step 1

We will issue you a self-assessment questionnaire that must be completed and returned.

Step 2

We will schedule and conduct an external vulnerability assessment against your Internet facing systems.

Steps 3 - 5 require a visit at your offices to assess the following:

Step 3

Authenticated vulnerability scan of internal workstations.

Step 4

Email and web download protection against malicious file types.

Step 5

Mobile device and tablet basic security review (pin code protection and malware).

We are able to turnaround Cyber Essentials Basic assessments typically within 24-48 hours. We understand you may need the certification fast in order to do business with other companies, so we respond quickly.

For Stage 2 Plus assessments we are very flexible and will work with you to identify the best date and time to conduct our on-site visit to your premises.

Once you have obtained your certification from Armadillo Sec, you will receive the following:

  • PDF of your certificate
  • Compliance report - this details all findings and if any issues exist, recommendations are included on how to resolve these
  • Colour and black and white high resolution logos, for use on your website or marketing materials
  • Logo branding guidelines - guidelines on how to use the logos

Additionally, Armadillo Sec will provide you with our exclusive certification pack so that you can display your certification status and your commitment to cyber security. This includes:

  • High resolution printed certificate
  • Congratulations letter
  • Cyber Essentials sticker pack 

Watch Our Cyber Essentials Video Guide

We have made a quick and simple how to video guide to explain the process.

Cyber Essentials Pricing Calculator

Use our pricing tool to calculate the costs for Cyber Essentials Basic and Plus certifications. Calculate the cost for new certifications, renewals, retests and upgrades from Basic to Plus.

Cyber Essentials Questionnaire Download

If you would like to view the self-assessment questionnaire before purchasing, you can download this for free below.

cyber essentials questionnaire

Buy Cyber Essentials

You can buy online now by selecting one of the certifications below or request a quotation if you would prefer to receive a proposal and purchase later.

What Our Customers Say About Us

Don’t just take our word for it, see our feedback from customers we have already certified.

Cyber Essentials | Cyber Essentials Certification Overall rating: ★★★★★ 4.9 based on 33 reviews
5 1

Frequently Asked Questions

Certifications do not expire, however it is recommended to re-certify every 12 months to ensure your environment and processes are secure.

For Basic certifications we will perform a retest free of charge once you have rectified any issues.

For Plus certifications we will reassess the questionnaire and re-run the external vulnerability scan free of charge, however we will need to charge if we need to revisit your premises to rerun the internal assessment.

Cyber Essentials Basic is included as part of the Cyber Essentials Plus certification, so there is no need to purchase the Basic certification, if you are going straight for the Plus.

This depends on the certification body that you used for the Basic assessment and how recent the certification is. However, in most cases we can use the questionnaire already completed without having to start again. We offer upgrade paths at a discounted cost if you already hold the Basic certification.

All Cyber Essentials certifications require organisations to complete a questionnaire to self-certify on the organisation's security controls and configurations, however CREST Certifying Bodies also conduct a remote vulnerability scan to validate elements of the questionnaire.

Cyber Essentials Plus also includes authenticated vulnerability scans of the organisation's workstations and mobile devices and this additional phase of testing increases the validity of the certification considerably by providing evidence of compliance against the following scenarios:

  • Can malicious files enter the organisation from the Internet through either web traffic or email messages?
  • Should malicious content enter the organisation, how effective are the anti-virus and malware protection mechanisms?
  • Should the organisation's protection mechanisms fail, how likely is it that the organisation will be compromised due to failings in the patching of the organisations workstations?

The Plus certification is a more thorough assessment of the organisation and, as a result, may provide greater security assurance.

Absolutely, the assessment is not just limited to Microsoft Windows operating systems. If your end users are using Apple Macs or Linux, then you can achieve the certification.

If you have multiple UK or even Global offices, you can certify just one office or just the UK office if you wish. The certification scope is then limited to that one office and the certificate would state the office that is certified, rather than the entire company.

More information relating to the Cyber Essentials scheme can be found at the following official site:

https://www.cyberessentials.org/

If you have any further questions, please use our Contact Us page to submit your query.

Ready to become certified?

misson banner scs
Cyber Essentials | Cyber Essentials Certification