Cyber Essentials for ESFA Providers 2021-2022


Cyber Essentials for ESFA Providers

All Education & Skills Funding Agency providers are required to renew their Cyber Essentials accreditation and then in addition achieve the Cyber Essentials Plus accreditation for the 2021/2022 funding year. (Link to ESFA website)

Cyberlab are a certification body for both the Cyber Essentials and Cyber Essentials Plus schemes, offering a range of options depending on your requirements and technical ability.

cyber essentials plus certification body.fw
cyber resilience centre trusted partner.fw
crown commercial service supplier.fw

How much does it cost and what is the process?

The Cyber Essentials certification costs £545 +VAT (this is the ESFA requirement for funding year 2021/2022).

The process for achieving Cyber Essentials is as follows:

– Cyberlab provide clients with access to an online portal where they can complete a Cyber Essentials questionnaire
– On submission, a Cyberlab assessor will carry out a pre-assessment check where they identify any areas which are not yet compliant
– Cyberlab schedule a pre-assessment feedback call with the client
– The client is given additional time to work on non-compliant responses
– The assessment is formally marked on the portal and Cyberlab issue the certificate

The Cyber Essentials Plus certification cost is dependent on the size of your organisation which determines the number of devices we need to sample in order to conduct the assessment. Contact us today for pricing.

Cyber Essentials for ESFA Providers 2021-2022
accreditation scope

What are the technical controls?

The scheme addresses the following five key controls that, when implemented correctly, can prevent around 80% of cyber attacks.

- Firewalls
- Secure configuration
- User access control
- Malware protection
- Patch management

the process

What is the difference between Cyber Essentials and Plus?

Cyber Essentials is self assessed and independently verified. Cyber Essentials Plus includes an independent technical audit of your systems to verify that the Cyber Essentials controls are in place. Both levels are based upon the same five controls.

In the current climate, Cyber Essentials Plus audits are being carried out remotely by our Assessors.

guidance and support

How do we achieve the accreditation?

As a Certification Body for IASME, Cyberlab are authorised to assess against the scheme but also to provide consultancy to support organisations to achieve the certification. We offer different support levels to suit your needs.

business benefits

What are the benefits of achieving Cyber Essentials?

Reassure customers that you are working to secure your IT against cyber attacks and have a clear picture of your organisation's cyber security posture.

Formalise your security

Get a clear picture of your organisations current cyber security level and ensure processes are documented.

Set yourself apart

It's a great selling point for your business too. No matter who the client is from an SME to a FTSE 100 company, they want to know you take security seriously.

Win business

Meet eligibility requirements for certain government and MOD supply chain contracts.

Excellent service for a great price We're really grateful to Cyberlab for getting us through our Cyber Essentials Plus certification against the clock. Ryan and Hugo were friendly and responsive but still knowledgeable and professional, always willing to go above and beyond on our behalf despite their competitive pricing. They explained the process very clearly and supported us through every step. We would heartily recommend other companies to make use of them.
Fast efficient and knowledgeable - our certification process was smooth and we had only good experiences with the representatives of the company.
Cyberlab were incredibly helpful and supportive in helping our company achieve Cyber Essentials, we wouldn't hesitate to recommend them!
Gary Williams
Gary Williams
A great team at Cyberlab Ryan and Hugo are a pleasure to work with and offer a range of experience and expertise - highly recommended to anyone needing to talk about their business' security posture.
Flynn Nash
Flynn Nash
Cyberlab was an absolute pleasure to work with. Incredibly transparent and responsive throughout the whole process. Ultimately delivering high-quality services. Highly recommend.
Conal Maguire
Conal Maguire
Excellent service Ryan at Cyberlab provided an excellent service a few months ago when we went for both Cyber Essentials and Cyber Essentials Plus certification. He explained the process very well, and exactly what was expected. He was available to answer any and all questions I posed to him and turned what could have been an arduous task into a relatively painless experience. I wouldn't hesitate to use Cyberlab again and would be happy to recommend them to other businesses.
Support and communication 1st class throughout the whole process.
Tom Slattery
Tom Slattery
Very professional and efficient service
Formic Limited
Formic Limited
Great Service from Start to Finish, highly recommended! We were looking to move from our current provider of many years due to annual price increases of unprecedented levels and found Cyberlab on a google search. We spoke with Ryan and he explained their process and pricing to us. We selected Cyberlab to do our Cyber Essentials Plus Recertification. We have found them very efficient, cost effective, helpful and courteous throughout the process. We have no hesitation in recommending Cyberlab.

Cyber Essentials FAQ

• Protects your organisation from approximately 80% of cyber-attacks, according to the UK government.
• Demonstrates your commitment to security and data protection to customers and stakeholders.
• Boosts your reputation and increases your chance of securing new business by showing you have cyber-security measures in place.
• Cyber Essentials permits you to work with the UK government, Plus gives you the opportunity to work with the MoD.
• Lets you focus on your business objectives, knowing you are secure.

The Cabinet Office’s note to Procurement Officers is available here – this specifies where the Cyber Essentials certification in mandated

It is noted that an increasing number of government and commercial organizations are requiring this certification of their suppliers, even though they are not mandated to do this through the Procurement Policy Notice. In his speech on the 23rd June 2015, Ed Vaizey from the Department of Culture, Media & Sport urged all organizations to “adopt Cyber Essentials so they can protect and promote themselves online to all stakeholders”.

Any company using unsupported or out-of-date software in the scope of the assessment, such as Microsoft 7, will probably fail to achieve Cyber Essentials certification.

The questionnaire requires answers to all questions – most of these questions will require brief notes to enable us to understand your company and the information security controls that you have in place. By providing full details in the questionnaire you will reduce the time required for certification as we will have all the information we need up front.

For Cyber Essentials, once you have completed the self-assessment questions on the online portal we aim to turnaround all assessments within 24 hours.

For Cyber Essentials Plus, this must be carried out within 3 months of achieving the CE accreditation. The CE+ requires an on-site audit which can be scheduled as soon as a signed order is request and a CE pass is in place.

We will email you with a reminder in advance of your expiry date outlining the steps involved in order to work through your renewal.

You need to get nearly all the questions right (compliant) to pass the Cyber Essentials assessment. You do need to be controlling all these aspects of your system to be certified. This very strict pass criteria is set by the UK Government. If you are not compliant in some of the questions we suggest you try and change your processes to meet the requirement and certainly add notes to explain why you are not compliant in this aspect and how else you control that risk.

Yes, the question set can be downloaded here.

Got Questions →

If there’s something you’d like to discuss, feel free to give us a call, drop us an email, or write to us using the contact information provided. We look forward to hearing from you!

About Cyberlab →

We saw that businesses of all sizes were juggling a myriad of disjointed cyber tools. And we wanted to create a service to deliver a comprehensive, dependable alternative.

Ready to start your Cyber Essentials accreditation?