Information Security Consulting
What is Cyber Essentials?
Cyber Essentials is a Government backed scheme that aims to help protect organisations of all sizes from the most common types of cyber-attacks.
Many organisations, especially smaller and newly established organisations, have limited controls developed or implemented to secure and protect their information systems and data. Using Cyber Essentials as the first step on a journey towards better information security is a great starting point and provides a foundation to progress towards other standards such as ISO 27001.
There are two levels of Certification:
Cyber Essentials
Cyber Essentials Certification consists of a self-assessment, which reviews your organisation’s current security measures. This first level of Certification shows you how to address the cyber
security basics using simple security controls, protecting your organisation from the most common types of attacks.
Cyber Essentials Plus
The next level of Certification is Cyber Essentials Plus. This involves a more in-depth review and technical validation of your organisation’s security during an external audit,
verifying that the Cyber Essentials controls are in place.
What are the benefits of Cyber Essentials Certification?
Protect your organisation from 80% of cyber attacks.
Demonstrate to your customers and supply chain that you’ve taken the necessary security measures and that you take their security seriously.
Show potential new customers that you have Government backed security measures in place that are independently verified.
Become eligible to bid for contracts with Government bodies and the Ministry of Defence.
A great starting point towards achieving compliance with other Standards and Regulations such as the GDPR and ISO 27001.
What is the Cyber Essentials Certification process?
The first stage of the process is to undertake a self-assessment against the criteria of the Cyber Essentials standard, which will then be assessed by a Certification Body at a
fixed cost based on your organisation’s size. 3B Data Security is a Certification Body appointed by IASME to conduct these assessments.
The Cyber Essentials scheme covers core information security approaches, policies and controls that even the smallest organisations can implement quickly, easily and affordably.
There are five core control areas which are covered in the assessment:
- Boundary firewalls and internet gateways.
- Secure configuration.
- Access control.
- alware protection.
- Patch management.
A successful self-assessment can lead to Cyber Essentials Certification.
To achieve Cyber Essentials Plus Certification, 3B Data Security will then carry out an external assessment of the controls implemented in the initial Cyber Essentials assessment. This assessment will be performed through an audit and penetration test to verify that the controls are operating as described.
A successful audit would lead to the Cyber Essentials Plus Certification. The Cyber Essentials Plus Certification is to be completed within 90 days of passing the initial Cyber Essentials assessment. Both certifications are valid for one year, after which both levels would be reassessed to maintain certification.
Why choose 3B Data Security?
At 3B Data Security, we have a team of expert Cyber Essentials Assessors, who with their set of skills and experience, can work to get you certified in no time.
3B Data Security’s assessors are all experienced and qualified auditors who have specialisms in the Cyber Essentials standard and other schemes such as IASME Cyber Assured, ISO 27001, PCI DSS, GDPR. They are also accredited IASME Cyber Advisors.
The security testing team at 3B Data Security are all qualified penetration testers who are experts in ensuring your systems and networks are as secure as possible. They’ll work to ensure you are secure, not just compliant.
Don’t just take our word for it…
Here’s what just a few of our clients had to say:
      “Knowledgeable friendly staff, professional service and ease of use”
              “You have limitless patience and give clear advice”
    “Thanks for your support and guidance through the questionnaire process”

