Get UK government backed Cyber Essentials certification, plus all the tools you need to achieve and maintain your certification in one simple package.
Includes Orbital Agent Pro for continuous compliance.
Includes all the features included in Defense.com Starter plus certification cost.
Includes all the features included in Defense.com Starter plus the certification cost of $
Defense.com makes achieving and maintaining your Cyber Essentials certification easy. Whether it’s your first time around or you’re looking to renew for another year, these five simple steps will help you stay compliant all year round.
Before completing the Cyber Essentials questionnaire our Cyber Assessment helps identify gaps in your systems and processes and remediate them. Giving you confidence that you'll achieve certification with ease.
Threat Recon quickly assesses your attack surface from a hacker’s perspective by identifying exposed ports and services, related assets such as subdomains and monitors for data exposed through breaches and the dark web.
Defense.com’s Orbital Agent helps automate the process of tracking your assets, their operating systems and installed applications. Our in-built compliance checks help you continuously monitor for devices that no longer meet Cyber Essential’s secure configuration requirements.
Endpoint Protection provides industry leading anti-malware and anti-phishing protection. Plus, automated patch management and disk encryption. Helping you to meet Cyber Essentials’ patching requirements with ease.
Running regular vulnerability scans against your externally facing assets enables you to quickly identify remediate, new and existing vulnerabilities. Keeping you ahead of the game with Cyber Essentials requirements for firewalls and secure configuration.
Integrating Microsoft 365 with Defense.com allows us to continuously monitor your Azure account and user accounts for insecure configuration and unusual behaviour, meaning that you’re always one-step ahead with managing user access control.
Cyber Essentials is a UK government backed certification run by the NCSC that shows your business has implemented the five key security controls to defend against around 80% of common cyber threats.
It’s increasingly required to bid for government contracts or work in secure supply chains, and certified businesses can often benefit from reduced insurance premiums and enhanced customer trust.
Fast, affordable and easy to understand. It’s the smart cyber baseline for SMEs.
Cyber Essentials certification requires compliance with five technical controls that form your first line of defence:
Secure your internet connection by using firewalls to block unauthorised access to your network.
Ensure devices and software are set up securely by disabling unnecessary features & changing default settings.
Restrict access to data and services to only those who need it, minimising potential misuse.
Protect against viruses and malware using anti-virus software or other threat detection tools.
Keep software and devices updated to fix known vulnerabilities promptly.
These controls are aligned with NCSC guidance and even map into broader frameworks like ISO 27001, PCI DSS and DORA.
Download Willow: the latest Cyber Essentials question set.
We don't just provide a one-off assessment, our Cyber Essentials package includes powerful tools to help you get compliance and stay compliant.
Our Orbital Agent provides real-time monitoring to keep your business aligned with Cyber Essentials requirements.
Use our cybersecurity tools to reduce risk and improve security posture across the board.
Certification support, remote help and cyber insurance are all included in the price.
If you are more than 250 employees or are looking for a package with Cyber Essentials Plus lets chat to make sure you pick the right package for you.
Experts on-hand if you would like to have a chat about our packages or the process to get Cyber Essentials certified.
“ The expertise we received from day one was excellent, and thanks to their insight we passed Cyber Essentials first time. With our 10-year history of keeping customer data secure, the Cyber Essentials scheme adds further confidence and value to the Backup Systems offerings. ”
You can request support by emailing the request to [email protected] at any time after you have been set up. An assessor will be assigned and reach out to arrange a Teams meeting to go over the assessment with you. You are also welcome to reach out to your assessor if you have any further questions throughout the process.
The assessors aim to mark an assessment within 48 hours of it being submitted, not including weekends or bank holidays. This can vary depending on how many assessments we have at one time.
The assessor will aim to get back to you within 48 hour. If you require your certification by a specific date, you must take this into consideration plus any potential remediation time. Start your assessment in good time to allow enough time to, complete, submit, be marked, remediate, resubmit, and pass!
The pricing of Cyber Essentials has a tiered structure based on organisation size. Prices start from £320 + VAT for an assessment for micro-organisations. Small, medium and large organisations pay a little more, on a sliding scale up to a maximum of £600 + VAT which aims to reflect the complexity involved in assessing larger organisations . The pricing structure uses the criteria used by the UK government which defines the size of an organisation based on number of employees:
Complete your cyber assessment in Defense.com as many times as you like to help prepare your answers before applying to avoid delays. After payment, you'll receive login details for the assessment portal, which you must complete within 6 months.
If prepared, the self-assessment takes about an hour.
Results are typically returned in 3 days. If unsuccessful, you have 2 days to revise and resubmit, with reassessment taking another 3 days. Incomplete answers will be returned for more information, adding a few days to the process.
Cyber Essentials is now required in a large number of central government contracts and an increasing number of local government contracts.
You can see the document to UK Government Procurement Officers which specifies that Cyber Essentials is required in many cases for suppliers to government departments.
In particular, Cyber Essentials is required for Ministry of Defence suppliers for all of their supply chain that handles defence information.
Cyber Essentials Plus starts with the Cyber Essentials verified self-assessment questionnaire but also includes a technical audit of the organisation’s systems to verify that the Cyber Essentials controls are in place. The audit includes an internal and external vulnerability scan and then focuses on a random selection of user devices, all internet gateways and all servers which are accessible to internet users. The Assessor will test a random sample of these systems (typically around 10 per cent) and then make a decision about whether further testing is needed.
The controls for Cyber Essentials and Cyber Essentials Plus are exactly the same but the level of assurance is different. Cyber Essentials Plus offers a higher level of assurance as the controls have been checked by a third party to ensure they are correctly implemented.
Get actionable cyber security advice and insights straight to your inbox.
