Cyber Essentials

What is Cyber Essentials?

Cyber Essentials is a government-backed cyber security certification scheme. When implemented correctly, it can then prevent around 80% of cyber-attacks.

The scheme lays out a robust cyber security baseline. This is suitable for all organisations of any size and in any sector. It addresses five key controls:

  • Secure configuration
  • Boundary firewalls and internet gateways
  • Access control and administrative privilege management
  • Patch management
  • Malware protection.

From 1 October 2014, the Government established a requirement. All suppliers bidding for contracts handling sensitive and personal information must then be certified against the scheme. If you are not currently certified, our experts can help.

CRIBB Service Catalogue

Who needs it?

It is mandatory for businesses seeking specific government contracts to deliver certain IT-related products and services. It is also mandatory for businesses dealing with personal information. Without it, you will be unable to bid for such contracts at all.

How do you gain CE certification?

You must complete an online questionnaire. This is then certified by an NCSC Assessor – such as CRIBB Cyber Security – on behalf of the IASME Consortium.

What is Cyber Essentials Plus?

The highest level of certification under the CE scheme; we can then help you achieve this after Cyber Essentials.

Companies trying to achieve this level of certification need an on-site or remote technical assessment. This is to verify that they are adhering to the CE standard. Workstations, servers and IOT are then subject to technical examinations. Devices within your BYOD policy are checked for vulnerabilities too. Once completed, the certification badge is then awarded. You then have 21 days to correct any failures.

What’s the difference between cyber essentials and cyber Essentials Plus?

CE is a self-assessment questionnaire with evidence required. CE Plus requires an external evaluation.

Who needs Cyber Essentials Plus?

Any company with CE certification wishing to demonstrate a deeper commitment to cyber security.

How do you gain Cyber Essentials Plus certification?

You will need to contact an official auditor – such as CRIBB Cyber Security – who can then take you through the required steps on behalf of the IASME Consortium.

Why Cribb?

CRIBB Cyber Security is part of theICEway ecosystem of companies, a group of specialist IT brands that combine to help clients in maritime and cruise, travel, and healthcare. Adopting a collaborative spirit and a security by design approach, CRIBB is an official certification body backed by the UK government that provides end-to-end cyber resilience.

Our cyber security professionals have a wealth of experience and knowledge to work with you and take the strain away. We join together with your team to protect your data. Ultimately then, we will help you to:


Cyber Essentials will adopt a tiered pricing structure from January 2022

The Cyber Essentials certification scheme was launched in 2014 and much has changed since then. The cost of the scheme, however, has remained the same – until now. Assessments for larger organisations are becoming ever more complex. As such, from 24th January 2022, Cyber Essentials will have a new tier-based price structure.

Micro businesses and organisations will continue to pay a £300 assessment charge. Small, medium and large organisations will now need to pay a little more. Put simply, the larger the organisation, the longer it takes to review and feedback on the assessment.

Enterprise Size

Micro organisation (0-9 employees)
Small organisation (10-49 employees)
Medium organisation (50-249 employees)
Large organisation (250+ employees)

CE Cost

£300 + VAT
£400 + VAT
£450 + VAT
£500 + VAT