Cyber Essentials

Hedgehog Security has been delivering Cyber Essentials gap analysis, preparation, implementation and audit services since the inception of the standard. We will help any business achieve the UK Governments base level of Cyber Security after 2000 successful audits.

Cyber Essentials

Cyber Essentials

Hedgehog Security has over ten years of experience at the forefront of cybersecurity. Our CISO team had worked with some of the world’s largest and most complex businesses and industries. We have a deep understanding of both existing and emerging threats, as well as their rapidly changing tactics, techniques and procedures.

Our consulting practice is here to carry out all manner of Cyber Essentials services for your business.

Benefits

Cyber Essentials from Hedgehog

We have over ten years of experience at the forefront of cybersecurity. Our CISO team had worked with some of the world’s largest and most complex businesses and industries. We have a deep understanding of both existing and emerging threats, as well as their rapidly changing tactics, techniques and procedures.

Our consulting practice is here to carry out all manner of Cyber Essentials services for your business.

Cyber Essentials is the Government-backed, industry-supported foundation for basic cybersecurity hygiene. The scheme guides organisations of any size in protecting themselves against cyber threats. You can read more about the government’s scheme here and more in-depth information on the audit process here.

The Two Levels

Cyber Essentials

The foundation level is an independently verified self-assessment. You complete an online assessment questionnaire which is approved by a Senior Executive of your business. Upon submission, we will independently review and confirm your responses. If successful, we will award you the requisite certificate and badge that you can display on your company website.

Cyber Essentials Plus

The next stage of your security journey and involves both independent internal and external tests of your network and computers. You must have been awarded the foundation level certification in the last three months before you can proceed with accreditation.
Successful accreditation provides a higher level of assurance. It demonstrates that your organisation has a robust cybersecurity regime. It shows that controls are present to maintain a vigorous defence against Internet-based attacks.

The Price

We offer a standard fixed price for Cyber Essentials and a fixed tiered price model for Cyber Essentials Plus. The pricing is:

LevelScopeCost excl VAT
Cyber EssentialsThe business£300.00
Cyber Essentials PlusUp to 50 devices£1,500.00
from 51 to 100 device£2,050.00
More than 100 devices, built from a gold image£2,700.00
More than 100 devices, not from a gold image£3,550.00

What is a device?

A device is a company issued computing device that can be used to connect to and use internet based resources such as webpages, web applications etc. They key thing here is consider is the access to the internet. If the device has no access to the internet, and this is enforced by a technical control such as firewall or air gapped network, then that device can be considered out of scope.

A device can be any one of the following:

  • Workstation or Laptop
  • Server that provides users access to the internet through a GUI.
  • Tablet
  • Mobile Phone (company issued)

Buy Now

Cyber Essentials
£ 300
00
per year
  • Online questions
  • Live CISO assistance*
  • 4 hour turnaround**
  • Pre-submission review
Cyber Essentials Plus
£ 1500
00
from
  • Remote or onsite assessment
  • Monthly vulnerability scans
  • Both CE and CE+ Certificates
  • 24 hour turnaround**
Popular

* via phone, email or discord
** during business hours, of the completed questionnaire

The Certification Process

Hedgehog Cyber are authorised by IASME to perform certifications. We would be delighted to assist and support the achievement of your certificate.

Cyber Essentials

You complete an online assessment questionnaire which is approved by a Senior Executive within your business. Upon submission, we will perform an independent review and verify your responses. If successful, we will award you the requisite certificate and badge that you can then use within your marketing material and can display on your company website. The process is reasonably rapid, and our average turnaround on reviewing the submission is 4 hours.

Cyber Essentials Plus

Following successful certification against the foundation level, you may apply for Cyber Essentials Plus certification, which must be within three months of completing the Cyber Essentials level. If the gap is longer than three months, then it must be re-certified.

Once the assessment scope is determined, we will arrange to either visit to your site by one of our consultants or send you one of our appliances. We will then conduct a range of external and internal technical verification tests of your network and web application security. For the external scans, we use our [secure] scanner platform. For the internal scans, we use either our appliance or a local copy of Nessus Professional on our consultant’s laptop.

We will assess several systems randomly chosen from the scope pool of machines. The scope pool is at least 10% of each different build. Our team will be able to advise you more about this.

As a result of the ongoing assessment, it may be necessary for us to advise you to make changes for you to attain the certification successfully. In some cases, we can perform those changes through our CISO team.

The average turnaround time for a Cyber Essentials Plus certification is 24 hours.

Cyber Essentials News