What is Cyber Essentials?
A UK government-backed certification covering five core technical controls — often mandatory for UK public-sector contracts.
Definition
Cyber Essentials is a UK government-backed certification scheme, operated by the National Cyber Security Centre (NCSC), that helps organisations guard against the most common internet-based cyberattacks. It focuses on five fundamental technical controls that, implemented correctly, prevent the majority of low-sophistication attacks.
Two levels are available: Cyber Essentials (a verified self-assessment) and Cyber Essentials Plus (a hands-on technical audit). Certification is frequently required to bid for UK government contracts and is increasingly expected across supply chains.
The five controls
Firewalls
Secure your internet connection and network boundary.
Secure configuration
Harden devices and software against attack.
User access control
Limit access rights to what each user needs.
Malware protection
Defend endpoints against malicious software.
Security update management
Keep devices and software patched and current.
Who needs to comply?
Any UK organisation — and suppliers to UK government — can pursue Cyber Essentials. It’s a common baseline requirement for public-sector contracts and a quick, credible signal of security maturity for SMEs.
How ISpectra helps
ISpectra guides you through Cyber Essentials or Cyber Essentials Plus — reviewing your configuration against the five controls, remediating gaps, and preparing you for the assessment.
Talk to an advisor