Get Ready for the 26 April 2026 Transition
Cyber Essentials is a UK Government-backed cyber security scheme developed by the National Cyber Security Centre (NCSC). It helps organisations defend against the most common internet-based threats by focusing on a clear set of essential security controls. As a practical and cost-effective certification, it not only strengthens an organisation’s security posture, but also demonstrates to customers, suppliers, and stakeholders that cyber security is taken seriously.
Improve Your Security
Studies have proven the Cyber Essentials standard to prevent 80% of internet based attacks against organisations. Certified organisations are also awarded a free £25,000 cyber liability insurance.
Grow Your Business
Display the Cyber Essentials Certified logo across your company’s promotional materials to show that recognised cyber security controls are in place, helping to build trust and attract new business.
Win Contracts
Many UK Government and commercial contracts require Cyber Essentials certification as a condition of working with suppliers. Achieving certification can help your organisation meet tender requirements and access new business opportunities.
The Five Cyber Essentials Controls
Developed by the National Cyber Security Centre (NCSC), Cyber Essentials is widely considered to be the best first step to protect organisations from the most common cyber security attacks. Cyber Essentials specifies requirements under five technical controls.
KEYSIGMA is one of a select few elite certification bodies that is also an NCSC Assured Cyber Advisor provider. This means we have the knowledge and understanding of the Cyber Essentials technical controls, have been assessed as competent to provide practical, hands-on support to small and medium-sized organisations, and operate to the National Cyber Security Centre’s quality and cyber security standards.
Our Cyber Advisor status means that we are qualified and authorised to help your organisation understand what is needed to meet the Cyber Essentials requirements, identify gaps in your current security posture, and support you in planning and implementing the technical changes required.
Cyber Essentials specifies requirements under five technical controls:
Cyber Essentials Assessment Scope
The cyber Essentials scope defines which systems, devices, users and cloud services must be included in your assessment. Whole-organisation certification is recommended, but a clearly separated subset can also be certified where parts of the organisation cannot yet meet Cyber Essentials requirements. In some cases, those areas can be descoped from the assessment where appropriate controls and segmentation are in place. Click below to learn how to scope and descope your Cyber Essentials assessment.
