How much does Cyber Essentials certification cost?

Cyber Essentials Certification is the only industry-backed certification in the field of Cyber Security. It covers all aspects of Cyber Security technology and solutions, including Cyber Security policy and procedure, information security management and risk management.

Cyber Security is not just about protecting your data; it is about keeping your business running smoothly, so you can focus on what you do best. The Cyber Essentials Certification helps you do just that by providing hands-on training in Cyber Security best practices. The cost of the Cyber Essentials Certification depends on a number of factors, including the size of your organisation.

In this article, learn about the different types of Cyber Essentials Certification, their cost and how your organisation will benefit from certification in the long run.

What are the two levels of the Cyber Essentials certification?

There are two levels of Cyber Certification: basic and advanced. Here is a quick breakdown of what each level entails:

  • Cyber Essentials Basic certification
    • Requirement to work within the industry.
    • Provides security against a number of the most prevalent Cyber Security threats.
  • Cyber Essentials Plus certification
    • Focused on the specific skills needed to accomplish a particular task, rather than what those tasks entail.
    • Ensures that your organisation is secured against basic hacking and phishing threats and attacks.

How much does the Cyber Essentials certification cost?

Both certifications were created to help businesses and individuals understand the risks of Cyber-crime and how to protect themselves against them.

The total cost of Cyber Essentials Certification varies depending on multiple factors:

  • Which level you select
  • What kind of safety measures you have taken
  • How durable they are
  • Penetration testing
  • The areas in which you still have room for growth
  • How long it takes to conduct a thorough evaluation and make necessary changes
  • Certification for Cyber Security Essentials

The basic costs for each certification are as follows:

1. Cyber Essentials Certification

The Cyber Essentials Certification is a great way to start your career in Cyber Security. The certification is offered by the National Cyber Security Centre (NCSC) and is designed to help employees improve their knowledge in cyber security.

The certification authority that governs Cyber Essentials Certification, IASME, charges the following fees:

  • Small organisation with 0-9 employees is £300 + VAT
  • Small organisation with 10 to 49 employees is £400 + VAT
  • Medium organisation with 50-249 employees is £450 + VAT
  • Large organisation with 250 or more employees is £500 + VAT

Organisations based in the UK with a revenue of under £20 million are also automatically covered against cyber liability.

Organisations must, however, take into account the costs of preparing for the evaluation and of aligning their activities with the five controls of the scheme. Anti-malware programs, patch management tools, network access controls, and firewall configurations all fall under this category.

There is a time limit of up to 6 months for completing and submitting your online application and accompanying questionnaire for review. You have to reapply and pay again if you do not submit within that time frame. Those who fail the Cyber Essentials questionnaire can retake it for free within two days and have their answers reviewed.

However, you are required to pay the whole fee again if you fail for the second time or resubmit after the 48-hour period has ended.

2. Cyber Essentials Plus Certification

This Cyber Essentials Certification costs more than the basic Cyber Essentials Certification as it is the highest level standard in Cyber Essentials. Depending on the size of your organisation, the cost of preparing for Cyber Essentials Plus will vary. The certification fee typically ranges between £1,900 and £4,000 + VAT.

What are the differences between the Cyber Essentials and Cyber Essentials Plus certification?

Cyber Essentials and Cyber Essentials Plus Certifications are both relevant for your organisation, but there are some key differences.

  • Cyber Essentials: It covers the basics of Cyber Security, including protecting your identity and confidential information, as well as understanding how to share information securely.
  • Cyber Essentials Plus: In addition to the topics covered in Cyber Essentials, Cyber Essentials Plus includes training in ethical hacking along with general information about how to use tools like penetration testing and vulnerability assessment.

The Cyber Essentials Certifications are great ways to train your employees in Cyber Security. They are affordable, easy to complete and have the potential to open up opportunities for your organisation.

How will your organisation benefit from a Cyber Essentials Certification?

Your company is probably a potential target of a cyber assault, regardless of its size.

Cyber Essentials Certification is important for small organisations because it helps you understand the basics of Cyber Security and how to implement safe practices.

Here are a few additional benefits:

  1. Ability to train your employees on Cyber Security - You will be able to offer a clear message about Cyber Security training and make sure that your team members understand what they need to do. When you have employees who understand the importance of Cyber Security, they are more likely to take steps towards protecting themselves from Cyber-attacks. Your team will know how to respond in a crisis situation, whether it is an actual attack or just a small breach of security. 
  2. Prevent around 80% of Cyber-attacks - As part of the Cyber Essentials scheme, installing the five fundamental security policies will help mitigate the effect of threats like phishing scams, malware, ransomware, attacks based on password guessing and attacks on the network.
  3. Demonstrate supply chain security - Supply chain security is a term used to describe the security of your supply chain. It includes everything from physical security to the supply chain itself, which includes the movement of goods and information between suppliers and customers.
  4. Win new organisations and gain customer/client loyalty - When customers and clients see that your organisation has Cyber Security measures in place such as the Cyber Essentials Certification, not only will you be able to attract new customers, you will also be able to reassure them that their information is safe within your organisation.
  5. Be listed on the NCSC’s database - The NCSC (National Cyber Security Centre) is a specialised agency that protects computer systems and networks of federal government agencies, including the Department of Defence.

How long till you have to renew your Cyber Essentials certification?

The certification you acquire, be it the Cyber Essentials or the Cyber Essentials Plus, will be valid for a total of 12 months. This means that for your certification to be valid, you are required to renew it annually.

IASME will email you a month before the certification expires so that you have enough time to renew it.

What happens if you do not certify?

If you do not certify in the Cyber Essentials Certification, your organisation may be held liable for any data breaches that may occur. Data breaches can be costly; therefore, it is important that organisations use certifications like this to train their employees efficiently.

You are also at risk of having your organisation suffer negative publicity or even being shut down by the government (in extreme cases) if a breach has occurred and has been unattended to. You are also not able to access the training materials or other materials that are part of the certification process.

Conclusion

Now that you have learnt about what being Cyber Essentials Certified means, you are able to get started with certification and gain one of the most important certifications in the Cyber Security space. If you are interested in learning about other information security certifications, read our guide on how to get started with ISO 27001 Certification.
