For UK small businesses

Cyber Essentials, made simple

What Cyber Essentials actually covers, what it costs, who awards it, and how a UK SMB can pass it without hiring a consultant.

Cyber Essentials is the UK government-backed scheme that proves you have the five basic technical controls in place: boundary firewalls, secure configuration, user access control, malware protection and patch management.

It's awarded by IASME on behalf of NCSC, costs from £320 + VAT for a self-assessed certification, and is increasingly mandatory for UK public-sector contracts and supply-chain due diligence.

This pillar collects everything we publish about preparing for, passing and maintaining Cyber Essentials — written for the only-IT-person, not the consultant.

Tools that fit this pillar

Free interactive checks you can run right now — no account required.

We're still building out this pillar. In the meantime, the upstream sources below are the canonical reading.

Authoritative sources

We point you at the originals — government, regulator and standards bodies. Bookmark these.

NCSC — Cyber Essentials overview ↗
Government-canonical scheme description.
IASME — apply for Cyber Essentials ↗
Sole accreditation body — start your application here.
NCSC small-business hub ↗

Looking for something else? Browse all guides or jump straight to the tool index.