About Cyber Essentials

Home / About Cyber Essentials

What is Cyber Essentials

• Developed as part of the UK’s National Cyber Security Programme; transitioned and tuned to suit Canadian requirements by CyberNB
• Aimed at businesses and organizations of any size to help them achieve a baseline of good cybersecurity practice;
• Backed by industry specialists;
• Designed to provide an overview of an organization’s ability to mitigate the risks from Internet-based threats;
• Also applicable to all private and public sector organizations, universities and charities;
• Offers two levels of certification: ‘Cyber Essentials’ and ‘Cyber Essentials Plus’.

Why is Cyber Essentials certification important for any organization?

• It identifies the required controls believed to shield companies from up to 80% of the common threats from the internet;
• Expected to be a major requirement to win business in both public and private sectors in the future;
• Some Insurance companies may offer incentives for organizations that are Cyber Essentials certified;
• Enables a company to demonstrate to their customers and stake-holders that their data is adequately protected and that they take cybersecurity seriously.

UK Government Logo




QG Logo


The Cyber Highway Logo

Levels of Certification

CE Logo CE Logo

Cyber Essentials

Requires a company to successfully carry out a verified self-assessment of a series of key cybersecurity controls: Boundary Firewalls and internet gateways, Secure configuration, Access control, Malware protection and Patch management. Cyber Essentials certification is awarded once this self-assessment has been presented for review, along with relevant supporting evidence, to an approved Certification Body. The company’s submission should be approved by a senior executive such as the CEO.

Take The Cyber Highway
to Cyber Essentials
CE+ Logo CE+ Logo

Cyber Essentials Plus

Includes the criteria for basic Cyber Essentials compliance, but introduces a higher level of assurance through the external testing of the organization's cybersecurity approach. This typically requires conducting a vulnerability assessment and penetration testing, before certification can be awarded.

Take The Cyber Highway
to Cyber Essentials Plus