About Cyber Essentials
Cyber Essentials is a government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber attacks.
Cyber attacks cost organisations thousands of pounds and can cause huge disruption. Businesses big and small can be targets if they don’t have the proper measures in place to protect them.
Cyber Essentials shows you how to prevent the most common attacks and protect your business.
Cyber Essentials is designed to fit with whatever level or commitment you are able to sustain. There are three levels of engagement:
Self-help Cyber Essentials
Cyber Essentials certification
Cyber Essentials Plus certification
Why Cyber Essentials is important
Cyber Essentials helps prevent the vast majority of cyber attacks. Even a simple virus or piece of malware could result in your business facing consequences like:
loss of company and client data
disruption to cash flow
staff time taken up trying to resolve the issue
trading delayed / stopped
damage to your hard-earned reputation
fines or prosecution (loss of data could breach the Data Protection Act)
Self-help for Cyber Essentials
Self-help Cyber Essentials helps you familiarise yourself with cyber security terminology, gaining enough knowledge to begin securing your IT.
Cyber Essentials recommend five technical controls that you should put in place to put you and your organisation on the path to better cyber security. The five controls are:
secure your internet connection
secure your devices and software
control access to your data and services
protect from viruses and other malware
keep your devices and software up to date
You can find out more about self-help Cyber Essentials and what you can put in place today on the
Cyber Essentials website
States of Jersey suppliers certification requirements
From 2018, suppliers awarded any new government contract worth more than £25,000 will need to commit to adopting Cyber Essentials, or a higher standard, within 12 months.
From 2020, all suppliers in receipt of contracts valued at more than £25,000 will need to demonstrate adherence to Cyber Essentials or a higher standard.
These requirements apply unless the contract is subject to a specific internal exemption signed by the Treasurer of the States. Exemptions may be granted in exceptional circumstances where the information security risk is judged to be low and a supplier represents significantly better value for money than alternatives and/or where substitutes are not readily or practically available. We are committed to securing our data and promoting the adoption of robust cyber security standards by Jersey businesses.
Benefits of getting certified
Cyber Essentials can help your organisation in many ways, including:
reassuring customers that you take cyber security seriously
listing on our directory of organisations awarded Cyber Essentials
attracting new business with the promise you have cyber security measures in place
allowing you to bid for government contracts
In the future Cyber Essentials will be a mandatory requirement for suppliers of government contracts which involve handling personal information and providing some ICT products and services.
Cyber Essentials certification
This self-assessment option gives you protection against a wide variety of the most common cyber attacks. The certification process has been designed to be light-weight and easy to follow and involves organisations completing a self-assessment questionnaire the responses of which are reviewed by an external certifying body.
Cyber Essentials Plus
The protections you need to have in place are the same as the Cyber Essentials certification, but this time the verification of your cyber security is carried out independently by a Certification Body.
How to get Cyber Essentials / Plus certification
The first step to gaining your Cyber Essentials / Plus certification is to select a Certification Body. You have the option of choosing a local certification agency or a UK agency.
Option 1 – Local certification agencies
Local Certification bodies who can assist with the Cyber Essentials assessment process and support as application for certification: Local certification agencies
Option 2 - UK accreditation bodies
Select a Certification agency through the
UK Accreditation bodies on the Cyber Essentials website. Read the details about each of these and choose one which feels like a good fit for your organisation.
Once you have selected an Accreditation Body, click through to their websites and their directory of Certification Bodies. It is the Certification Bodies which will perform your evaluation and award your Cyber Essentials Certificate.
Let us know once you're certified
Organisations that are Cyber Essentials / Cyber Essentials Plus certified are listed on gov.je. Once you're certified complete our online form to let us know and you'll be added to the list.
Register your company's Cyber Essentials and Cyber Essentials Plus certification