Protect your Organisation Against the Most Common Cyber Threats

Posted on 12 June 202512 June 2025

This week we’re looking at Cyber Essentials and how it can help keep your business secure.

Most cyber attacks are basic – the digital equivalent of a thief trying your front door to see if it’s unlocked. Cyber Essentials helps you bolt your door against the most common cyber attacks.

What is Cyber Essentials?

Cyber Essentials is a Government-backed certification scheme that lays out a set of policies and procedures that organisations can put in place to show they meet a basic standard of IT security.

These are a set of basic technical controls that organisations should have in place to protect themselves against common online security threats.

The National Cyber Security Centre (NCSC) recommends Cyber Essentials as the minimum standard of cyber security for all organisations.

7.7 million cyber crimes were experienced by UK businesses over the past year. That’s around half of all businesses in the UK. Don’t be next.

Who is Cyber Essentials for?

Cyber Essentials can help every organisation – from micro businesses to large corporations – guard against the most common cyber attacks. If you have digital assets or store any data, putting the Cyber Essentials controls in place can help you keep it safe.

Here is a great video about Cyber Essentials from the NCSC >

Why should we be Cyber Essentials-certified?

There are a number of reasons why your business should consider gaining Cyber Essentials accreditation.

Protection Against Common Cyber Attacks: Cyber Essentials helps safeguard your organization against the most common cyber threats. By implementing the technical controls outlined in the certification, you create a strong defence against basic attacks.
Demonstrate Commitment to Cyber Security: by obtaining Cyber Essentials certification, you signal to customers and partners that you take cyber security seriously. It reassures them that you’re actively working to secure your IT systems against potential threats and shows your clients and customers that you are a trustworthy business they can deal with in confidence.
Attract New Business: having Cyber Essentials certification can be a selling point when attracting new clients or customers. It demonstrates your commitment to protecting their data and sensitive information.
Supply chain requirements: many businesses and government bodies now require companies along their supply chain to have Cyber Essentials. If you plan to bid for government contracts that involve handling sensitive information or providing technical products and services, Cyber Essentials certification is often mandatory.
Clear Picture of Cyber Security Level: The certification process helps you assess your organisation’s cybersecurity. You’ll gain insights into areas where improvements are needed and can take steps to address vulnerabilities. Certification provides peace of mind. Knowing that your defences align with Cyber Essentials requirements means you’re less likely to fall victim to common cyber attacks.

A Supply Chain Tool

The NCSC sees an increasing number of cyber attacks through supply chain vulnerabilities, but many organisations still struggle to manage supplier cyber risk. A lack of assurance tools, insufficient expertise and a lack of visibility are often cited as key barriers.

A Cyber Essentials certificate increases cyber security across supply chains and gives organisations confidence in the cyber security of their suppliers.

Having a CE certification is usually mandatory for businesses who work on government contracts which involve handling personal information or providing certain ICT products and services.

Here’s a great video from the NCSC about Cyber Essentials in the supply chain >

How do I get my business Cyber Essentials-certified?

There are a series of questions and assessment standards that have to be met. As part of the process, we have to confirm in writing how these are being done and how they will be maintained at that level.

The certification process covers basic IT security and takes into account:

Your firewall
Malware protection
Security configuration (e.g. password policies, multifactor authentication, user access controls)
Software update management (e.g. Windows Updates and software patches)
The CE rules also apply to any mobile devices that are owned by the organisation or user-owned if they access company data or services e.g. send/receive company email.

The assessment is reviewed regularly and we believe the requirements may start to be more strict each year.

Conclusion

Cyber Essentials is a great tool to help to keep your organisation secure. They are a set of basic technical controls that organisations should have in place to protect themselves against common online security threats.

Posted in NewsTagged Cyber Essentials, Cybersecurity

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.