We are pleased to share that ITC is now officially recognised as an IASME Cyber Essentials and Cyber Assurance certification body. This means we’re accredited and able to help your business achieve the Cyber Essentials standard, reaffirming our commitment to supporting both our customers and our region.
As one of the few Cyber Essentials Certification Bodies in the North East, this significant achievement means we’re uniquely positioned to guide and support you in achieving this globally recognised standard. Because we’re accredited ourselves, there’s no need to rely on a third-party auditor, dramatically speeding up turnaround times and allowing us to fully support you in strengthening your business’s security and reputation.
Our recent accreditation is thanks largely to our Service Desk Specialist Jordan Dooley, who successfully completed his IASME Cyber Assurance Level 2, supported by Godfrey Armstrong, our Service Desk Manager.
Jordan said: “This accreditation is a fantastic achievement for our team. It reinforces our commitment to cyber security excellence and allows us to directly support our clients in gaining their own certifications. Cyber Essentials sets an international baseline for protection, an ideal first step for businesses of any size looking to take a proactive approach.”
What is Cyber Essentials?
The National Cyber Security Centre reported that, in 2024, 50% of UK businesses experience a cyber breach or attack. Most attacks are not targeted, and occur regardless of the size of your organisation, but the outcome is the same: disruption to your operations, putting you and your customer’s sensitive information at risk, and costing you more than ‘just’ money by way of reputational damage.
In a world where cyber security should be considered essential, one of the most effective (and cost-effective) actions you can take to proactively protect your business is to become Cyber Essentials certified.
Cyber Essentials is a government-backed certification scheme which sets a baseline of cyber security measures that all businesses should implement and would benefit from having. The certification signifies to your partners that you take cyber security seriously. It drives down insurance premiums, helps you to access new opportunities (particularly so in the public sector), bolsters compliance, legal and regulatory expectations while also providing a framework that you can implement to guard against the most common cyber-attacks.
Understanding Cyber Essentials
The Cyber Essentials scheme is split into five core areas: boundary defence, secure configuration, access control, malware protection and patch management, with each area working in tandem to produce a comprehensive set of controls and measures, working holistically to reduce your risk of falling victim.
The certification process starts with a self-assessment questionnaire, where you’re asked to evaluate your current cyber security practices against the five core areas. The outcomes of your assessment are then reviewed and verified by a qualified assessor, with improvements made and implemented, with your certification lasting 12 months once achieved.
Where Cyber Essentials involves a self-assessment, Cyber Essentials Plus sees a qualified assessor conduct a technical audit of your environment (on-site or remotely), including internal vulnerability scans, email and web filtering tests, and examination of devices and software configurations. This advanced process brings the same benefits as Cyber Essentials but demonstrates an advanced commitment to cyber security best practice by way of a more rigorous assessment process.
Supporting your Cyber Essentials certifications with ITC Service With 18 years of business, we’ve learned what truly works – and more importantly, how to keep it working. As an accredited body, we’re ready to not only bolster your security but also support you in passing the accreditation efficiently.
FAQs
How long does it take? Both Standard, and Plus?
The time it takes to get Cyber Essentials certification can vary based on how much your business needs to adopt change. Once you’re business has all the necessary controls and tools in place, the process for gaining the certification can happen quite quickly.
Cyber Essentials typically takes between 1-3 days once the self-assessment questionnaire is submitted.
Cyber Essentials Plus usually takes 2-5 days after completing the Standard certification, and includes and on-site or remote audit, so scheduling and preparation may affect timeframes.
How will this impact our day to day?
Minimal disruption, especially for Standard. You may need to apply patch updates or patch systems, configure firewalls and user permissions, ensure antivirus and endpoint protection are in place.
For Plus, there may be brief downtime or device scans, but these are typically scheduled to minimise business impact.
If we have multiple companies, can we do all in one?
Yes, but only if they share the same IT infrastructure (e.g. devices, networks or policies) and you certify the entire scope under one application. Otherwise, each company will need it’s own-certification. Contact us and we’ll figure out the most efficient way to proceed.
How much is it to go through Cyber Essentials?
The cost of your certification depends on your environment – where your business is in terms of set up, what you currently have in place and what your security goals are.
