The importance of Cyber Essentials

January 4, 2024 | CyberSmart , Cybersecurity , Cyber Essentials
Laurence Keir

Written by
Laurence Keir

When it comes to cybersecurity, businesses must take a proactive approach to their online safety, ensuring they have primary defences in place. The strategy often blends cyber awareness training, security best practices, and cybersecurity tools.


This is where Cyber Essentials comes in. The latest National Cyber Security Centre (NCSC) report is an interesting read about the cybersecurity landscape. With Cyber Essentials certification on the rise, businesses are experiencing a mix of benefits.


Today, we will delve into Cyber Essentials and look at how it’s changing cybersecurity for businesses across the UK.


What is Cyber Essentials?

The NCSC describes Cyber Essentials as ‘an effective Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber attacks.’


Cyber Essentials is a certification that ensures your business is mitigating risk from common threats and keeping up with best practices and cyber defences.


The five key areas assessed in Cyber Essentials

  1. Secure configuration
  2. Boundary firewalls and internet gateways
  3. Access control and administrative privilege management
  4. Patch management
  5. Malware protection

Pricing depends on the size of your organisation, and businesses can choose between standard Cyber Essentials and Cyber Essentials Plus, which offer varying degrees of certification.  


The first is a self-assessment. Organisations assess the five key areas that provide basic protection against common cyber-attacks. A qualified assessor then verifies this. Cyber Essentials Plus follows the same format but with the added layer of hands-on technical verification and a technical audit of your systems.


Cyber Essentials toolkits, practice questions, and vendors are available to help ensure you pass the first time, and here at Brigantia, we partner with CyberSmart for quick, easy certification. With more and more businesses being certified, Cyber Essentials is fast becoming a core tool of a business’s cyber defence arsenal.


What does the NCSC report show about Cyber Essentials and cybercrime?

The latest NCSC report has highlighted the growing value of Cyber Essentials, with a significant uptake of businesses obtaining certification in 2023. There’s been a 21% increase in certificates awarded and a 55% increase in Cyber Essentials Plus accreditation.


There’s even been a rise in certification bodies, now reaching 321. More certification bodies mean Cyber Essentials training is increasingly accessible and widely acknowledged as a practical cybersecurity approach for businesses of all sizes.


Cyber Essentials certification includes automatic cyber liability insurance (for businesses that don’t exceed 20-million-pound turnover). Interestingly, the statistics show that companies with Cyber Essentials in place make 80% fewer insurance claims. Data like this demonstrates the value of Cyber Essentials in protecting your business and your pockets.

(Figures from:


Why do you need Cyber Essentials?

Let’s start with the most significant benefit of Cyber Essentials – protection against cybercrime. That means peace of mind and minimising risks to your staff and business.


But it doesn’t just protect against cyber threats; it also protects your business against a damaged reputation. Firstly, by preventing cyberattacks, your company maintains trust with customers and avoids loss of business.


Secondly, it lets your customers and other organisations know that you take cybersecurity and cyber health seriously; this helps attract new business and grow your customer base. And it doesn’t just notify other companies; it also lets cybercriminals know you’re a more challenging target, adding a deterrent.


Cyber Essentials has shown itself to be a vital tool for businesses looking to tick the boxes for basic cybersecurity and benefit from reduced risk and potential insurance claims.


Who is Cyber Essentials suitable for?

If your business has an online presence, it’s vulnerable to all types of cybercrime, and the more activity you conduct online, the bigger the risk.


Choosing to get Cyber Essentials certification is a basic layer of protection for businesses of all sizes, with stats showing that SMEs and large enterprises are just as much of a target; every organisation should be vigilant.


IASME will also list your business on the directory of organisations awarded Cyber Essentials certification. For companies wanting government contracts, Cyber Essentials is mandatory. The investment pays businesses back both in reputation and financially, and the NCSC report shows reduced insurance claims.


Final thoughts

With basic, effective cybersecurity processes and products in place, businesses are protected. Cyber Essentials certification is elevating the base level of cybersecurity standards for businesses across the UK, and this is only bad news for cyber criminals.


In an age where cybercrime is on the rise and the role of AI brings new, sophisticated attacks, Cyber Essentials protects businesses against a mirage of threats to their business operations and their relationships with their network and customers.


At Brigantia, we partner with vendors providing the most robust cybersecurity technologies. Our products are carefully selected, and our goal is to give MSPs cybersecurity tools they can trust as they step into the evolving cyber landscape of 2024. To find out more, get in touch.

Recommended reading

Cyber Security Breaches Report

The Cyber Security Breaches Survey for 2024 has been released, and it paints a worrying picture for ...

Who’s ready for the Cyber Governance Code of Practice?

The Government is pushing businesses to beef up their cybersecurity defences. It’s part of the broader ...

How spear phishing works (and how to spot it)

When it comes to the online safety of a business, there’s a series of steps companies can take to protect ...