Gain your Cyber Essentials certification - Pass first time

Why choose Bulletproof as your Cyber Essentials partner?

Flexible Packages

Only pay for what you need, thanks to our packages of tiered service and support.

CREST Certified

Our knowledgeable consultants are certified by CREST, making them experts in Cyber Essentials.

Pass First Time

Our gap analysis report easily highlights everything you need to do to pass certification first time.

Grow Your Business

Cyber Essentials is increasingly becoming a minimum requirement for both B2B and B2C sales.

Bulletproof demonstrated their expertise from day one, and thanks to their insight we passed Cyber Essentials first time. With our 10-year history of keeping customer data secure, the Cyber Essentials scheme adds further confidence and value to Backup Systems offerings.

Christopher Blewitt IT Support Technician, Backup Systems Ltd

What’s involved in Cyber Essentials certification?

With over 80% of UK businesses vulnerable to avoidable security threats, the Cyber Essentials framework has been designed as a strong security baseline for every business in every industry. Mapping against five simple key controls means it’s easy to achieve Cyber Essentials certification with the right help. Certification includes:

External vulnerability scan
Shared service assessment
Simple questionnaire
Internal vulnerability scan (Plus only)
Workstation assessment (Plus only)

Find the right Cyber Essentials Package for your business

Cyber Essentials
Cyber Essentials Plus

Cyber Essentials
	Self-Assessment	Remote Help	On-site Support
Suitable for	Businesses with a high degree of information security knowledge	Businesses with some understanding of information security	Businesses with no foundation in information security
Support	Materials only	Remote	On-site
Included	Questionnaire External vulnerability scan ¹ Cyber Essentials results report Certification 2 free retests	Questionnaire External vulnerability scan ¹ Consultant-led advice at all stages Cyber Essentials results report Certification 2 free retests	On-site support ² Gap analysis Report Consultant-led advice at all stages Questionnaire External vulnerability scan ¹ Cyber Essentials results report Certification 2 free retests
Price	£300	£555	£1,295

Cyber Essentials Plus
	Self-Assessment	Remote Help	On-site Support
Suitable for	Businesses with a high degree of information security knowledge	Businesses with some understanding of information security	Businesses with no foundation in information security
Support	Materials only	Remote	On-site
Included	Questionnaire External vulnerability scan ¹ Internal vulnerability scan Workstation assessment ³ Cyber Essentials results report Certification 2 free retests	Questionnaire External vulnerability scan ¹ Internal vulnerability scan (on-site) Workstation assessment ³ Consultant-led advice at all stages Cyber Essentials results report Certification 2 free retests	On-site support ² Gap analysis Report Questionnaire External vulnerability scan ¹ Internal vulnerability scan Workstation assessment ³ Consultant-led advice at all stages Cyber Essentials results report Certification 2 free retests
Price	£1,395	£1,645	£2,345

¹ Up to 10 IP addresses
² On-site support limited to 1 day. Additional on-site days are available and chargeable at our standard rate.
³ Up to 10 device builds

Get in touch today

Submit your requirements via the form below and we'll be in touch to help you gain your Cyber Essentials certification first time.

Frequently asked questions

What are the five key technical controls of Cyber Essentials/Cyber Essentials Plus?

Cyber Essentials looks at five key areas of cyber security to ensure your business is operating to strong security standards. These areas are:

Firewalls
Patch Management
Secure Configuration
Malware Protection
Access Control

What’s the difference between Cyber Essentials and Cyber Essentials Plus?

A Cyber Essentials assessment consists of an external vulnerability scan, a cloud/shared service assessment and a questionnaire. Cyber Essentials Plus goes a step further to also include a workstation assessment and an internal vulnerability scan. Since much of the requirement is common to both standards, we recommend achieving Cyber Essentials Plus certification.

Does my business have to achieve Cyber Essentials before it achieves Cyber Essentials Plus?

Businesses can choose to go straight to Plus certification without first gaining standard Cyber Essentials Certification. However, Bulletproof strongly recommended achieving standard Cyber Essentials first as a way of preparing for the PLUS certification.

What should the scope of the assessment be?

The scope of a Cyber Essentials assessment must include all internet-facing systems and physical locations. For Cyber Essentials Plus, the scope also includes internal assets. Your scope will be agreed with your consultants before your assessment gets underway.

Do you need to test all the workstations in a business for Cyber Essentials Plus?

If all your workstations are from a common build, we only need to undertake sample-based testing. However, if your organisation has multiple build types and you support BYOD (Bring Your Own Device), then each one will require testing individually.

I have ISO 27001, do I still need Cyber Essentials?

Yes. Cyber Essentials focusses on fundamental IT controls, whereas ISO 27001 takes a more holistic approach, incorporating policies and procedures. As ISO 27001 is much more involved, you’ll find it easier to obtain Cyber Essentials/Cyber Essentials Plus certification if you’re already ISO 27001 compliant. We recommend achieving Cyber Essentials in addition to ISO 27001 as it demonstrates your commitment good security practices, and some business/customers may only look for your Cyber Essentials certification, or not understand the difference between Cyber Essentials and ISO 27001.

CREST approved
ISO 27001 and 9001 certified
Tigerscheme qualified testers
PCI DSS v3.2 Level 1
service provider
24/7 on-site Security
Operations Centre