The Cyber Essentials scheme has been developed as part of the UK’s National Cyber Security Programme and in close consultation with industry. It is now mandatory for businesses to have this in place before working on central government contracts that involve handling personal information and the provision of certain ICT products and services.

Cyber Essentials is specifically designed for SMEs to help prevent the vast majority of cyber attacks that can be so disruptive to business. There are two levels of badge to apply for:


Cyber Essentials
This requires the organisation to complete a self-assessment questionnaire, with responses independently reviewed by an external certifying body.


Cyber Essentials PLUS
This covers the same requirements as Cyber Essentials, but tests of the systems are carried out by an external certifying body using a range of tools and techniques.

Cyber Essentials concentrates on five key controls:

  1. Boundary firewalls and internet gateways

  2. Secure configuration

  3. Access control

  4. Malware protection

  5. Patch management

We organise the engagements into three phases from gap analysis, to remediation and support, through to audit and certification and you will have access to a Lead Consultant who will provide guidance and support through each of the Cyber Essentials control areas. 

Quorum Cyber are approved by CREST and one of the few companies in Scotland qualified to take customers from assessment through to Cyber Essentials and Cyber Essentials PLUS certification.