ISpectra Technologies
Government · Certification

What is Cyber Essentials?

A UK government-backed certification covering five core technical controls — often mandatory for UK public-sector contracts.

Definition

Cyber Essentials is a UK government-backed certification scheme, operated by the National Cyber Security Centre (NCSC), that helps organisations guard against the most common internet-based cyberattacks. It focuses on five fundamental technical controls that, implemented correctly, prevent the majority of low-sophistication attacks.

Two levels are available: Cyber Essentials (a verified self-assessment) and Cyber Essentials Plus (a hands-on technical audit). Certification is frequently required to bid for UK government contracts and is increasingly expected across supply chains.

The five controls

1

Firewalls

Secure your internet connection and network boundary.

2

Secure configuration

Harden devices and software against attack.

3

User access control

Limit access rights to what each user needs.

4

Malware protection

Defend endpoints against malicious software.

5

Security update management

Keep devices and software patched and current.

Who needs to comply?

Any UK organisation — and suppliers to UK government — can pursue Cyber Essentials. It’s a common baseline requirement for public-sector contracts and a quick, credible signal of security maturity for SMEs.

How ISpectra helps

ISpectra guides you through Cyber Essentials or Cyber Essentials Plus — reviewing your configuration against the five controls, remediating gaps, and preparing you for the assessment.

Talk to an advisor