Frequently Asked Questions
HOW LONG DOES IT TAKE TO BECOME CYBER ESSENTIALS AND CYBER ESSENTIALS PLUS CERTIFICATED?
It is possible to get from application to Cyber Essentials certification within a day or two, but this depends entirely on your current cyber security profile and ability to address the points raised during the process. In reality, most organisations take around 14 days from application to complete the assessment and receive certification. Because of the need to achieve a higher level of assurance, as well as the need to arrange the internal security assessment and external scan, this process of becoming Cyber Essentials certificated will usually take longer than 14 days.
DO LABYRINTH TECHNOLOGY CONDUCT THE ASSESSMENTS FOR CYBER ESSENTIALS AND CYBER ESSENTIALS PLUS?
Yes. Labyrinth Technology are trained and licensed to deliver Cyber Essentials and Cyber Essentials Plus certifications, and only the organisations that are licensed to do so can conduct assessments.
WHAT IS THE DIFFERENCE BETWEEN CYBER ESSENTIALS AND CYBER ESSENTIALS PLUS?
For the lower certification organisations complete a self-assessment questionnaire which is then signed off by the appropriate signatory within the organisation. This is then verified by an independent party such as Labyrinth Technology, that is trained and licensed to certify against the government’s scheme. Cyber Essentials Plus requires a technical audit of specific systems, and provides a more advanced level of assurances. There is also the requirement to also pass an on-site assessment, an internal vulnerability scan and an external vulnerability scan, all conducted by the certification body.
WHY SHOULD WE GET A CYBER ESSENTIALS CERTIFICATE?
The primary reason to attain Cyber Essentials certificated status is to demonstrate to your clients, prospects and partners that your organisation takes cyber security seriously, and that you have taken steps to secure your in-house IT while keeping the approach simple and the costs low. If your firm has the Cyber Essentials certification it will be protected against approximately 80% of common cyber attacks, allowing you to focus on your core business objectives. And if that objective is to source new clients, particularly larger clients that take third-party risks properly, this independent verification of your cyber security approach offers tangible proof that you will pose any threat during digital interactions. Furthermore, if you want to apply for government contracts Cyber Essentials certification is likely to be a mandatory requirement, and the Ministry of Defence now mandates that Cyber Essentials is a requirement, not just for all its new suppliers, but their relevant supply chains also.
WHAT IS CYBER ESSENTIALS?
Cyber Essentials is an effective scheme, backed by the UK government designed to help organisations of all sizes follow a path to protect themselves against a range of the most common and current cyber security threat. It also demonstrates the commitment of an organisation to cyber security. There are 2 levels of certification: Cyber Essentials and Cyber Essentials Plus. It should be noted that many government contracts would require a supplier to have a Cyber Essentials certification.