Sales & Support Line 0161 233 0099
The Cyber Essentials scheme has been developed by the Government and industry to fulfil two functions:
It provides clear guidance regarding the basic controls all organisations should implement to mitigate the risks from common internet-based threats.
Through the Assurance Framework it also offers a mechanism for organisations to demonstrate to customers, investors, insurers and others that the company has taken essential precautions.
Cyber Essentials offers a sound foundation of basic IT hygiene measures that all types of organisations can implement and potentially build upon. The government believes that implementing these measures can significantly reduce an organisation’s cyber vulnerability. Please bear in mind, it does not offer a silver shield to remove all cyber security risk; for example, it is not designed to address more advanced, targeted attacks and hence organisations facing these threats will need to implement additional measures as part of their security strategy. What Cyber Essentials does do is define a focused set of controls which will provide cost-effective, basic cyber security for organisations of all sizes.
Back in 2012, the UK Government launched its ‘10 Steps to Cyber Security’ and subsequently the ‘Small Businesses: What you need to know about Cyber Security’ guidance manual to encourage organisations to consider how well they were managing their cyber risks. The Government emphasised the need for company Boards and senior executives to take ownership of these risks and ensure that they have considered them adequately in their risk management regime. The initiatives gained traction and industry was very receptive to the government’s cyber security advice and guidance.
After the success of these initiatives, industry wanted evidence for their dedication to cyber security and thus the Cyber Essentials accreditation was born.
The government has since worked with industry to develop new requirements. This is the Cyber Essentials scheme, which focuses on basic cyber hygiene.
The scope of the Cyber Essentials scheme covers the basics of cyber security in a small business or corporate IT system. Implementation of these controls can significantly reduce the risk of prevalent but unskilled cyber-attacks. For many organisations, especially those with significant information assets or those that are exposed to a wider range of threats, Cyber Essentials will be a practical component of wider ranging cyber security procedures.
This is completed internally with Apex Computing’s help, in the form of a self-answer questionnaire which is then accredited externally.
We help get your organisation ready for the accreditation. This may include making changes to your systems and processes to bring them in line with compliance for the accreditation. This includes the cost of your assessment fee and up to 1 day onsite support where a Security Audit will be completed.
Any larger compliance requirements would be quoted for separately and may incur additional costs.
Your organisation will be audited externally by an accredited agency, Xyone.
We prepare your systems for Cyber Essentials Plus, firstly, by completing an onsite Security Audit. As part of this, any minor changes that are required to make your company compliant will be completed in the fixed cost.
We would also have an engineer onsite to assist on the day that the examiners visit to carry out the audit.
Any larger compliance requirements would be quoted for separately and may incur additional costs.
This is where you pay a monthly fee to Apex Computing for a managed security service, which includes:
There are 5 important controls that Cyber Essentials addresses. These include:
Patch Management: Cyber criminals often exploit known vulnerabilities in software, operating systems and third-party applications if they are not properly patched or updated. Regardless of which phones, tablets, laptops or computers your company uses, it’s important that they are kept up to date at all times to prevent this from happening.
Cyber Essential Requirements:
Software must be:
Malware Protection: From opening an infected email and browsing a malicious website to using a memory stick containing malware or viruses, there are many ways that this harmful software can gain access to, and cause damage to, sensitive data. Businesses should put practices in place that restrict malware access.
Cyber Essentials Requirements:
Your company should put at least one of these preventative measures in place:
Secure Configuration: This ensures that computers and network devices are configured to prevent vulnerabilities, cyber risks and data breaches.
Cyber Essentials Requirements:
For computers and networks, the business must regularly:
Password-based authentication requirements:
Access Control: To reduce damage done if an account is misused or stolen, team member accounts should be assigned to authorised individuals only, and they should only be given access to the applications, computers and network needed to do their job.
Cyber Essentials Requirements:
The business should:
Boundary Firewalls and Internet Gateways: You should protect your internet connection with a firewall that analyses incoming traffic to discover whether it should or shouldn’t be allowed onto your network. This prevents unauthorised access to or from your private networks. Every device that connects to the internet must therefore be secured with a firewall, or equivalent network device.
Cyber Essentials Requirements:
The business should:
Put these measures in place and you’re well on the way to becoming certified. We can help you with everything from scoping and filling in the questionnaire, to conducting our own security audit, which thoroughly reviews your business systems and processes, ensuring that they meet the Cyber Essentials requirements. We’ll then make recommendations to help improve network and security measures for the ultimate level of protection.
As with moving to any new supplier there is always a nervous feeling. Business continuity is paramount. All of our inventory is RFID tagged, so if our IT systems stop, so does our production. Our customers are not interested in IT problems, they need large volumes of linen for their daily operations. We needed IT support that understood our business. We made the right choice moving to Apex. Apex are proactive, efficient and show great understanding.
Tarik Saleem, The Linen Group
After consulting other competitors on the market we were blown away by Apex Computing. They understood our needs, offered a personal service and to date have performed exceptionally. I really can't recommend them enough.
David Busby, Around Town Flats
Apex is a fantastic IT support company with great people and client service. We are in regular contact with them and have never had a bad experience. We value their knowledge here at Embryo Digital and they support us with any IT issues we have with incredible care and attention.
Embryo Digital - embryodigital.co.uk
Our company has grown considerably since Apex first started to support us in 2009 and they have been pivotal in making sure our IT infrastructure has been able to support this growth. Our company operates 24/7 and monitors over 25,000 manned guards. Apex has always responded quickly to solve any problems and never failed to answer the phone at any time.
- Steve Foster, Kingdom Services Group -
As soon as we joined Apex, we immediately noticed a sharp increase in the number of IT Support calls we were making; not because of any increase in the number of IT issues we were experiencing, but simply due to the fact that we knew any issues we might have would be fixed promptly and efficiently, and therefore had no inhibitions in calling on Apex for help.
- Matthew Wilkinson Pyranha Kayaks -
We have been using Apex Computing Services for over 5 years for our IT Support. Over the years of working with Director Chris Gorman and the support engineer team they have really gone above and beyond our expectations. I trust Chris and the team to handle any of our IT support issues and find them extremely helpful and they are a joy to work with.
- James Beazley, 6group.com -
We have continued to get excellent service and support from Apex Computing Services. With Manchester Carers being a local independent charity, we rely on an honest, trustworthy and innovative IT support company. We are really happy with the service we have received over the years and we value their IT knowledge and expertise. They take corporate social responsibility really seriously.
- Shirley Devine, Manchester Carers -
As a small business we have tried to concentrate on giving service to our customers rather than spending too much time getting a proper computer system infrastructure to cope with increasing work. As a result we suffered and Apex Computing came to our rescue going beyond expectations by trying to sort our existing problem before offering a full solution. I thoroughly recommend them.
- Paul Rebbitt, Park Hose -
These are just a handful of the reasons why we believe Cyber Essentials is necessary for businesses of all shapes and sizes, regardless of sector or industry:
Cyber Essentials is self-certified process, involving a 40-question questionnaire. Each question requires a ‘Yes’ or ‘No’ response, with justification for proof. We are more than happy to help with the process, whether that’s determining the scope, checking that your IT systems are secure and that all five controls are implemented correctly or submitting the questionnaire for review by Xyone and APMG.
What Should I Expect On The Cyber Essentials Questionnaire?
Examples of questions that appear on the questionnaire include:
If while filling out the questionnaire you require some assistance, please don’t hesitate to pick up the phone and give us a call on 0161 233 0099.
With Cyber Essentials Plus, the protective measures you need to have in place are still the same, but your cyber security is tested and confirmed by a certification body. We trust Xyone with all of our clients, who confirms the scope for Plus, and then:
If there are any nonconformities, we can help you fix them. A Xyone assessor will then reassess your security practices, and should they all be up to scratch, you will receive your Cyber Essentials Plus certificate.
As with Cyber Essentials, we are happy to help with everything from the scope to providing you with guidance on best practices for the assessor. For example:
Then, dependent on the results of the meeting, we can help you put remediation in place that aligns with requirements, and help you prepare for reassessment.
Cyber Essentials offers many advantages to certified businesses, including:
Along with being a cost-effective solution to your security needs, it helps to mitigate common threats to businesses, protecting company assets and IP’s.
Talk to us today about securing your business, and those of your clients.
Our dedicated support team will help guide you through the process. Contact our support team today for more information and to book a free consultation.
Ready to pass the test? Please get in touch with us today to learn more about Cyber Essentials and how it’ll make a difference to your business, clients and employees.
We are a full service IT Support Company offering a huge range of services, including:
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.