A Guide to Cyber Essentials & Cyber Essentials Plus

What is Cyber Essentials?

Cyber Essentials is a UK Government-operated scheme that was introduced in 2014 by the National Cyber Security Centre (NCSC) to offer small and medium-sized businesses a straightforward and affordable way to tackle the growing cyber threat and achieve a good standard of cyber security.

Download PDF Guide

What About Support?

By aligning with the five critical technical controls of the standard, businesses can protect themselves from up to 80% of common internet-based attacks as well as demonstrate to clients and prospects that they take cyber security and data protection seriously.

The government requires all suppliers bidding for contracts involving the handling of certain sensitive and personal information to hold an up-to-date Cyber Essentials certificate.

What is Cyber Essentials Plus?

Once you’ve achieved the Basic certification, you can move up to Cyber Essentials Plus, the highest level of the Cyber Essentials scheme.

This involves an independent audit of your systems to verify that your business is meeting al the important security controls that you identified during the Basic self-assessment questionnaire; giving you the official stamp of approval you need to win tenders and build credibility as a company committed to its security.

What Does Cyber Essentials Assess?

  • Patch Management
  • User Access & Control
  • Firewall Protection
  • Secure Configuration
  • Malware Protection

How is Cyber Essentials Assessed?

Technically, there are two assessments you need to complete to be fully certified for Cyber Essentials. The ‘Basic’ certification must be achieved first (you must complete the assessment within 6 months of receiving it).

This is then followed by the more comprehensive ‘Plus’ assessment.

The processes for both are slightly different.

Cyber Essentials ‘Basic’ is a DIY-like certification that comes in the form of a self-assessment questionnaire (SAQ).

Cyber Essentials Plus goes a step further and requires the certification body to check your infrastructure for vulnerabilities and ensure that all of the answers provided in your SAQ are reflected there.

It is important to note that your ‘Plus’ certification MUST be achieved within 90 days of completing Cyber Essentials Basic

What About Support?

When you complete your Cyber Essentials certification with Systemagic, you will be guided through the questionnaire by our friendly and helpful team.

What Are The Benefits of Achieving Cyber Essentials?

There are so many benefits in becoming a Cyber Essentials-certified business, including:


Once accredited, your business will be better protected against the most common cyber threats.


An increasing number of public sector projects require suppliers to be Cyber Essentials certified.


Cyber Essentials shows your commitment to cybersecurity and helps build trust with customers.

Risk Mitigation

Cyber Essentials helps identify and mitigate security vulnerabilities in your organisation’s systems and processes.

Cyber Awareness

The process of obtaining CE requires users to become more aware of risks and best practices.


Many insurance providers offer discounts and special rates to organisations with Cyber Essentials.

Want to Learn More?

If you’re considering CE or CE+ for your business, our Systemagicians are here to support you!
Contact our team for more information.

Download Guide

Are you a looking for IT Support for your business?

Get in touch via our Contact form or call us on 01225 426 800

Business Directory
Business Directory