Cyber Essentials & Plus
Government-backed Cyber Essentials and Cyber Essentials Plus — headache-free support from a certified body that cares about your experience.
Get certifiedWhat is Cyber Essentials?
Cyber Essentials represents the UK Government's minimum baseline standard for cyber security for organisations of all sizes in the UK. The annually renewable certification scheme is built around five technical controls designed to prevent the most common internet-based cyber security threats.
Cyber Essentials and Cyber Essentials Plus are fast becoming an expectation of businesses looking to reassure clients of their security posture, or bid for Government contracts. It's fast becoming a minimum requirement in the UK.
How does it work?
The scheme is owned by the UK Government, and managed by a group called "IASME". ADAS (that's us!) have been assessed and certified as a Certification Body to provide a start to finish support and assessment service for both Cyber Essentials and Cyber Essentials Plus. The pricing for Cyber Essentials is set in stone by IASME to make sure it's accessible — so the decision of who should support you should come down to who you'd like to work with, and how easy they can make it for you.
The best resource to learn about the respective schemes is on the official IASME website — so you can decide on CE vs CE+ with confidence.
Effective compliance with Cyber Essentials requires vulnerability management. That isn't just updates for OSs like Windows and macOS — you need scanning for configuration issues and outdated apps that patching alone won't catch. If you need Cyber Essentials and a vulnerability management solution, see our platform.
Why choose ADAS?
Believe it or not, the cybersecurity market in the UK is largely unregulated, so picking a provider with the right experience really does matter. Reputation is everything — here's why you should pick ADAS.
Direct contact
We're a small business with excellent reviews. You'll be working directly with Savva or Andy.
We plant trees
We plant a tree for every Cyber Essentials, and five for every Cyber Essentials Plus. We issue a certificate to thank you for making it possible. Learn more about the Tree Project.
The spirit of the work
We've designed our Cyber Essentials service delivery around convenience and ease for you. Other teams offer cookie-cutter headaches that try to make money on volume. We care about your experience, and our working relationship.
No sales teams
You only work with the people who deliver your exact outcome — no sales teams, no email tennis, no fluff. One point of contact from start to finish.
Pricing
We put our pricing up openly on our website — anything less would be a waste of your time. We also offer a price match guarantee. Want to have a chat and get any questions answered? Get in touch.
Certification pricing
Cyber Essentials is a self-assessment questionnaire completed by you and verified by us with feedback and support. Pricing is regulated by IASME and based on organisation size. Cyber Essentials Plus verifies your controls with a technical audit from us.
Cyber Essentials
- Micro 0-9 Employees £320 + VAT
- Small 10-49 Employees £440 + VAT
- Medium 50-249 Employees £499 + VAT
- Large 250+ Employees £599 + VAT
Cyber Essentials Plus
- Micro 0-9 Employees £1,199 + VAT
- Small 10-49 Employees £1,299 + VAT
- Medium 50-249 Employees £1,399 + VAT
- Large 250+ Employees £1,499 + VAT
Assured Pass
Work directly with us to ensure your pass with a no-fail guarantee. We meticulously pre-assess your readiness and provide structured guidance at a flat rate.
Get in touch for a quoteThe five controls
Cyber Essentials requires implementation of five fundamental security controls.
Firewalls
Properly configured firewalls protecting your network perimeter and controlling traffic flow.
Secure Configuration
Systems configured securely with unnecessary features disabled and defaults changed.
User Access Control
Appropriate access controls with user accounts having only necessary permissions.
Malware Protection
Up-to-date anti-malware software protecting all devices from malicious software.
Security Update Management
Regular patching of operating systems and software to address known vulnerabilities.
Our process
We guide you through every step to ensure first-time success.
Gap Assessment
We review your current security controls against Cyber Essentials requirements and identify gaps.
Remediation Guidance
Receive specific, actionable guidance on implementing required controls cost-effectively.
Self-Assessment Support
We help you complete the questionnaire accurately, ensuring you understand each requirement.
Certification & Beyond
Guide you through the assessment process and help maintain certification annually.
Common questions
Which level do I need?
Cyber Essentials is sufficient for most public sector contracts and demonstrates baseline security. Choose Cyber Essentials Plus if contracts specifically require it, if you handle highly sensitive data, or if you want stronger assurance for clients and insurers.
How long does certification take?
If your controls are already in place, certification can take 2-4 weeks. If you need to implement controls first, allow 6-12 weeks depending on your starting point and organizational complexity.
What if I fail the assessment?
The process is designed to help you succeed. We identify gaps before you submit for assessment. If issues are found during certification, we help you remediate them and resubmit. Most organizations pass on first attempt with proper preparation.
Do I need to renew annually?
Yes, Cyber Essentials certification is valid for 12 months. We help clients maintain their certification year after year, making renewals straightforward as your controls mature.