The Cyber Essentials scheme was specially developed by the UK Government and National Cyber Security Centre (NCSC) to make the UK a safer place to live and do business online.
As an information security standard, Cyber Essentials offers an affordable and effective level of assurance for businesses of all sizes and comes in two levels: Cyber Essentials and Cyber Essentials PLUS. Based on a set of 5 key technical controls, it aims to reduce an organisations risk of attack from internet-borne threats by up to 80%.
Widely recognised as a benchmark of good cyber hygiene, certified companies demonstrate that they have taken the necessary steps to safeguard sensitive data. Furthermore, a valid Cyber Essentials certificate is increasingly required within supply chains and is compulsory for any business bidding on Government and UK defence contracts.
1. Access control
3. Malware protection
4. Secure configuration & network management
Updating software / patching
As a Cyber Essentials Certification Body, we offer full support and certification services for both Cyber Essentials and Cyber Essentials PLUS.
Following our initial scoping exercise, we’ll perform a preliminary audit covering the 5 key Cyber Essentials controls. We’ll follow up with a bespoke report, identifying any vulnerabilities and improvements needed in your IT infrastructure, including any recommendations and optional remediation plans.
Once satisfied, one of our fully qualified assessors will complete the necessary assessment and issue your certification.
Our Cyber Essentials assessment is comprised of a questionnaire and external vulnerability scan to ensure you’re meeting best practice standards.
Although it’s not a specific requirement of Cyber Essentials, we perform a thorough scan of your internet-facing infrastructure and devices to ensure they’re vulnerability free. Working closely with your business, we’ll then complete the neccessary documentation and issue your certification.
Cyber Essentials PLUS* is based on the same criteria as the initial certificate, but the assessment is carried out onsite and involves further vulnerability scans.
During the audit, we’ll conduct a range of internal and external vulnerability scans and test a sample of end user and network devices to check that they’re well secured. Once satisfied, we’ll complete and sign off your certification.
*Cyber Essentials PLUS must be completed at the same time or within 3 months of the initial Cyber Essentials certification.
Once achieved, we recommend renewing your certification annually. This will enable you to maintain certified status and ensure the continual review and development of your cyber controls.
As an IASME accredited Certification Body, we’re fully trained and licensed to deliver both the Cyber Essentials and IASME Governance standards.
All of our assessors are fully qualified and have deep expertise across IT and information security, so you can be sure we’ve got all your needs covered.
We’ve developed a unique 5-step process to ensure your certification goes as smoothly as possible right from the word go.
Whether you choose Cyber Essentials or Cyber Essentials PLUS, we’ll work with you throughout to ensure your certification is a resounding success.
“We have found everyone at Air Sec to be extremely professional and would have no problem recommending their services. We felt very well supported throughout the certification process and are confident that the security measures we have implemented are applicable to our business requirements.”
David Brittan, ICT Manager
As well as being a Cyber Essentials Certification Body, we’ve met the highest standards required for ISO 27001 ISMS, IASME Gold and Cyber Essentials Plus accreditations. We’re a core member of the UK Cyber Security Forum and Cyber-security Information Sharing Partnership (CiSP) too.
Please complete the form below with details of your enquiry and we’ll be in touch shortly.