Cyber Essentials, made simple
What Cyber Essentials actually covers, what it costs, who awards it, and how a UK SMB can pass it without hiring a consultant.
Cyber Essentials is the UK government-backed scheme that proves you have the five basic technical controls in place: boundary firewalls, secure configuration, user access control, malware protection and patch management.
It's awarded by IASME on behalf of NCSC, costs from £320 + VAT for a self-assessed certification, and is increasingly mandatory for UK public-sector contracts and supply-chain due diligence.
This pillar collects everything we publish about preparing for, passing and maintaining Cyber Essentials — written for the only-IT-person, not the consultant.
Tools that fit this pillar
Free interactive checks you can run right now — no account required.
SMB cyber risk self-assessment
A 15-minute, plain-English self-assessment for small businesses — with a printable PDF report mapped to Cyber Essentials.
Why here: Pre-flight your readiness in 5 minutes.
Password strength + generator
Estimate password strength and generate strong passphrases — entirely in your browser.
Why here: Cyber Essentials enforces strong authentication.
MFA setup walkthrough
Step-by-step screen-by-screen guidance to turn on multi-factor authentication for the services that matter most.
Why here: MFA on internet-facing services is a control requirement.
Authoritative sources
We point you at the originals — government, regulator and standards bodies. Bookmark these.
- NCSC — Cyber Essentials overview ↗
Government-canonical scheme description.
- IASME — apply for Cyber Essentials ↗
Sole accreditation body — start your application here.
- NCSC small-business hub ↗
Looking for something else? Browse all guides or jump straight to the tool index.