The Cyber Essentials Certification Scheme

Your Certification made easy: Get Cyber Essentials, Cyber Essentials Plus and IASME Cyber Assurance (previously IASME Governance), with Equilibrium Security your expert certification body.

Equilibrium Security team collaborating attentively

Pass Cyber Essentials first time with our expert guidance

As a long-established Government Cyber Essentials assessor, Equilibrium can help you:

What is the Cyber Essentials Scheme?

The Cyber Essentials scheme is a Cyber Security certification programme developed by the UK government to help organisations, both in the public and private sectors, protect themselves against common cyber attacks.

It was launched in 2014 as part of the UK’s National Cyber Security Strategy and is designed to encourage good Cyber Security practices and raise the overall level of Cyber Security in the country.

The government mandates that any supplier bidding for contracts that involve managing specific sensitive and personal data must possess a valid Cyber Essentials certificate.

Equilibrium Security are one of the few Government Cyber Essentials UK Certification bodies within the Midlands. We have been working alongside IASME conducting Cyber Essentials and Cyber Essentials Plus assessments since 2016.

Need a Trusted Cyber Essentials Company? We’re at Your Service.

We help businesses get certified quickly and with confidence. Whether you’re new to the process or need support with your Cyber Essentials renewal, our team makes it simple to meet the requirements and stay compliant.

What Are The Cyber Essentials Accreditation 5 Key Technical Controls?

Firewalls

Firewalls block unauthorised access to your network. They control what comes in and out, and must be correctly configured to work.

Security Update Management

Keep all software and systems updated to fix known flaws. Remove or upgrade anything outdated or unsupported.

 

Malware protection

Use antivirus software or whitelisting to stop malicious programs. You can also use isolation tools and train staff to spot threats.

 
 

User Access Control

Only give users access to what they need, and remove old access. This limits the risk if an account is misused or hacked.

Secure Configuration

Set up devices and software securely by disabling unnecessary functions. This reduces vulnerabilities and limits exposed information.

What is a Cyber Essentials Certification?

The Cyber Essentials certification is a Government-backed scheme designed to help UK businesses protect themselves against common online threats. It starts with a self-assessment questionnaire, completed via the official IASME Cyber Essentials portal, covering five core areas of cyber security — from firewall configuration to access control.

The 70-question form is designed to assess your organisation’s current cyber posture and highlight any areas needing improvement. Certification demonstrates that your business meets the baseline technical standards required by the NCSC Cyber Essentials framework.

At Equilibrium, our experienced consultants provide remote, hands-on support throughout the process, helping you complete the questionnaire with clarity and confidence — and pass first time.

What is a Cyber Essentials Plus certification?

Cyber Essentials Plus is the advanced level of certification. It includes all the requirements of the basic certification but goes further by incorporating a hands-on technical assessment conducted by our qualified assessors.

Using information from your self-assessment, we carry out a controlled set of tests — including vulnerability scans, configuration checks and simulated attacks — to verify that your cyber defences are working effectively in the real world.

If we identify any non-compliant areas, we’ll guide you through remediation steps to resolve them before issuing your Cyber Essentials Plus certificate, valid for 12 months.

Looking For Pricing? Get Cyber Essentials Costs Today

Cyber Essentials and Cyber Essentials Plus

Why choose Equilibrium as your Cyber Essentials Assessor?

Curious About Cyber Essentials In Action? 

Learn how a software development company nailed the security basics with Cyber Essentials, making their continuous security journey easier and more manageable.

Your Cyber Essentials Plus Checklist

We would never want you to go in blind into a self-assessment, so we have created a Cyber Essentials checklist to make sure you’re well prepared. Before you complete, it’s a good idea to look over these areas, as they will be assessed for your Cyber Essentials certification. 

Here’s what to expect for an NCSC Cyber Essentials Plus Assessment: 

  • A qualified assessor will carry out an audit on a selection of computers to verify their alignment with the scheme’s specifications.
  • The auditor will perform a vulnerability scan on these devices to ensure that patching and fundamental configurations meet the required standards.
  • An external port scan of your publicly accessible IP addresses will be executed to detect any misconfigurations or vulnerabilities.
  • Testing will be conducted on your default email and internet browser settings to validate their configuration and their ability to thwart the execution of potentially harmful files.
  • Screenshots will be captured as evidence demonstrating the system’s compliance with Cyber Essentials.

Cyber Essential Accreditation plus checklist: 

The Cyber Essentials Scheme Process

Step 1
Define the Cyber Essentials scope

Before we can provide a quote or proceed with the assessment we need to understand your environment so that we can fully define the technical scope of what the test will cover.

Step 2
Complete the Cyber Essentials Questionnaire

You can then move onto populating the online Cyber Essentials questionnaire. This is when you need to meet the Cyber Essentials requirements. We will provide Cyber Essentials guidance throughout. However before this is submitted, our dedicated consultants will review your Cyber Essentials answers to check they meet the scheme’s requirements. If changes are required, we provide detailed guidance on areas which need improvement. Once successful, you are deemed as being Cyber Essentials compliant and you will be issued with a Cyber Essentials certification for 12 months.

Step 3
Technical Cyber Essentials Plus audit

After completing the Cyber Essentials certification we move onto the next stage. To pass Cyber Essentials Plus we need to run a series of security tests. This requires our experts to remotely conduct external and internal vulnerability scans. We will also conduct a series of other security checks to test the information obtained in your Cyber Essentials questionnaire. This then lets us know the areas of non compliance you may need to remediate before passing.

Step 4
Remediation

If vulnerabilities are discovered, or other areas of non-compliance, we will provide detailed remediation guidance which needs to be applied within 30 days of the Cyber Essentials Plus assessment.

Step 5
Cyber Essentials Plus certification

Once you have followed all remediation steps, we will conduct a retest to check you comply with the CE+ criteria, you will then be awarded your CE+ certificate for 12 months.

The Benefits of Cyber Essentials

Win New Business

Cyber Essentials helps to assure new customers that you take the security of your business seriously and follow industry best practice.  

Public Sector Contracts

Cyber Essentials and Cyber Essentials Plus permits you to work with the government and MOD.

Cyber Liability Insurance

Benefit from up to £25,000 worth of cyber insurance as part of the certification, conditions apply.

 
 

Reduce the risk of a breach

Improve cyber-resilience by implementing the baseline security requirements of the Cyber Essentials five security controls.

Customer Feedback

Victor Stephenson-Henshaw
Victor Stephenson-Henshaw
Learn Plus Us
Learn Plus Us recently worked with Jacob and the team at Equilibrium Security to pass our Cyber Essentials Plus accreditation. We found them to be extremely supportive and knowledgeable throughout the process. They were always available to answer any questions we had and provided us with the guidance and resources we needed to ensure a successful outcome. We found them to be a pleasure to work with and would highly recommend them to anyone looking to pass their Cyber Essentials Plus accreditation.
Hannah
Hannah
The Institute of Clinical Science and Technology
I have undertaken my organisations Cyber Essentials Plus certification with Equilibrium for another year recently. It is such a positive experience, straight forward and clear. They have again provided great support and guidance to complete the certification, and as always a level of professionalism and expertise that provides great value to our organisation.
Arif Shah
Arif Shah
Cority Cohort
Equilibrium Security have been our vendor of choice for Cyber Essentials for the last 4 years. They are always professional, helpful and patient, with lots of good advice on hand to guide us through the process. I can thoroughly recommend their services.

Get Cyber Essentials: Work with a Trusted UK Certification Body

Whether a client’s asked for it, you’re bidding for a public sector contract, or you just want to get the basics right — Cyber Essentials is a smart move. It shows you take security seriously and helps protect your business from common cyber threats.

At Equilibrium, we’re an accredited IASME Cyber Essentials certification body, helping organisations across the UK get their Cyber Essentials certificate quickly and with minimal hassle. We’ve supported companies of all sizes through the process — whether it’s your first time or part of your ongoing compliance plan. We know the Cyber Essentials UK standards inside out and make the process as clear and straightforward as possible.

Looking For Pricing? Get Cyber Essentials Costs Today

Frequently Asked Questions

The simple answer is no. Before you can move onto the Cyber Essentials Plus, you must first pass the Cyber Essentials basic certification, as the Plus audit assesses the information provided in your Cyber Essentials questionnaire. Once the NCSC Cyber Essentials standard is achieved, you must pass your CE+ within 90 days. This is the same with any UK Cyber Essentials consultancy firm. 

Read more about the CE Plus Assessment without Cyber Essentials here. 

Cyber Essentials qualification is a self-assessed and independently verified questionnaire. The assessment has 70 questions which looks at your Cyber Essentials certification requirements as a company to see if your current approach to securing your business is in-line with the IASME cyber baseline.

The IASME Cyber Essentials certified Plus provides a higher level of assurance, it involves us auditing your systems utilising many vulnerability tools to test the effectiveness of the security measures in place.

Read more about the difference between Cyber Essentials and Cyber Essentials Plus here. 

Cyber liability insurance is provided as part of the HMG Cyber Essentials certification package on an ‘opt-in’ basis. The cyber insurance is available for businesses with an annual turnover of under 20 million, conditions apply.

Read more about how to sign up for Cyber Liability Insurance

Yes, Cyber Essentials and Cyber Essentials Plus certificates are due for renewal after 12 months. If you choose not to renew, your business will be removed from the NCSC’s ‘certified organisations’ list, you will also lose your cyber insurance and ability to work with public sector companies.

Read more about the Cyber Essentials’ certificate expiry dates here. 

As with any certification scheme, it does take an investment in both time and money. There are several factors that will impact the certification timelines, including the chosen certification level and the efficiency of the certification process.

Read here to find out how long does it take to get Cyber Essentials NCSC and what are the factors that influence this timeline.

The IASME Consortium is the accreditation body that administers the Cyber Essentials certification scheme on behalf of the UK Government. You can visit the Cyber Essentials website here.

IASME oversee the UK gov Cyber Essentials scheme helping to ensure it’s operating as intended, provides valid protection against cyber-attacks, that consistency is being maintained and that any disputes are quickly resolved. 

Find out more about the Cyber Essential Accreditation Bodies here. 

If you’re wondering how much the Cyber Essentials price, then it’s important to remember that this can vary. Much will depend on the size of your organisation and the support you need to achieve certification. 

Find out more about the cost of Cyber Essentials Certification here. 

Cyber Essentials completed via IASME, is a certification scheme developed by the UK government to help organisations, both large and small, protect themselves against common online threats and demonstrate their commitment to Cyber Security best practices. The certification aims to improve the overall Cyber Security posture of organisations and reduce the risk of cyberattacks. This commitment is demonstrated through a combination of a self-assessment and validation by an IASME certified assessor, which includes vulnerability tests to ensure the accuracy of the self-assessment.

Cyber Essentials certification is the recognised standard in the UK promoting and assessing Cyber Security best practices in both the private and public sectors.

Find out more about the Cyber Essentials certification here. 

You may ask yourself, why do I need Cyber Essentials? The certification scheme gives organisations confidence that they have strong security measures in place against some of the most common and insidious cyber challenges. It also helps to reassure customers, clients and suppliers that valuable information and data won’t be at risk.

Find out more about Cyber Essentials importance here. 

The Cyber Essentials certification UK is relevant to a wide range of organisations regardless of their size or sector and can provide a number of tangible benefits. You can check what organisations currently have Cyber Essentials Plus Certificate. 

Find out more on how to get Cyber Essentials certification and who has cyber essentials here

Tired of the technical jargon and just want Cyber Essentials explained?

Cyber Essentials is a Cyber Security certification scheme that has been developed to help organisations protect themselves from common cyber threats. The Cyber Essentials framework requires you to fill out a 70 question questionnaire, with help from us at Equilibrium. 

The UK Government Cyber Essentials scheme, accredited by the IASME Consortium, the Cyber Essentials Partner to the National Cyber Security Centre (NCSC), allows you to demonstrate a strong Cyber Security within your business. 

What’s stopping you from filling out the Cyber Essentials form?

Find out more about what is Cyber Essentials here. 

Being Cyber Essential certified will add a number of benefits to your organisation. You will gain enhanced Cyber Security, credibility as well as a competitive advantage. Once certified you can bid for Cyber Essentials MOD contracts. Having UK Cyber Essentials demonstrates that your organisation has achieved the highest standards of Cyber Security. 

If you are unsure whether or not your business is ready to undertake a Cyber Essentials or Cyber Essentials Plus assessment we can run a gap analysis before you move forward. Our gap analysis carefully reviews your current Cyber Security to make sure it meets Cyber Essentials Plus requirements. It helps spot areas that don’t comply before your main assessment, giving you a chance to prepare.

Contact us here to find out more information, and let one of the top Cyber Essentials accredited companies help you!

Once you start the process with Equilibrium this is where your Cyber Essentials implementation starts. You will be registered to sign up for the IASME Cyber Essentials login.

The Cyber Essentials IASME portal is an online platform provided by the IASME Consortium to facilitate the certification process for organisations seeking a Cyber Essentials certification.

The portal allows organisations to complete the Cyber Essentials self-assessment questionnaire, which covers key Cyber Security practices. Once the questionnaire is submitted, it is reviewed by IASME assessors to start the Cyber Essentials testing to determine if the organisation meets the Cyber Essentials certification requirements. Your IASME Cyber Essentials login is essential for your UK Gov Cyber Essentials accreditation.

Are you interested in moving forward with Cyber Essentials? Contact us here to find out how you can buy the Cyber Essentials. 

When working with organisations, a lot of them struggle to understand the patching requirements to ensure they are Cyber Essentials compliant. 

It’s crucial for organisations to keep all tech up to date. This can include, tablets, phones, laptop or computers. You must make sure that the operating systems as well as the software and apps you use are all kept up to date. These updates not only introduce new features but also fix any security vulnerabilities they discover. Applying these updates, known as “patching,” is one of the most vital steps you can take to enhance security. 

For Cyber Essentials Certification, it’s mandatory to keep all software up to date. 

Whilst there isn’t a specific time period specified the Cyber Essentials requirement is that mobile devices have screen lock timeout measures, with a password/code having to be used to reopen the device more frequently.

IASME Cyber Essentials is a basic self-assessment certification for fundamental Cyber Security controls, while IASME Cyber Assurance is a more comprehensive certification with third-party assessments, covering a wider range of security measures, suitable for organisations with higher security requirements.

Find out more about the differences between IASME Cyber Essentials and IASME Cyber Assurance.

IASME Cyber Assurance is a comprehensive Cyber Security certification to verify the effectiveness of your security and governance measures. It goes beyond compliance, providing a higher level of confidence in an organisation’s approach to risk and mitigation.

Learn more about what IASME Cyber Assurance is here.