Cyber Essentials
A trusted way to gain and renew Cyber Essentials certification, helping to make sure vital security precautions are in place.
For enquiries contact:
About Cyber Essentials
In research and education, you know how important it is to have Cyber Essentials certification. As a government-backed scheme, Cyber Essentials helps give peace of mind that you’ve put essential security protections in place – and is critical for both reputation and compliance.
When getting certification, you want to work with a trusted certification body who understands the needs of the sector. So, in response to member demand, we offer Cyber Essentials and Cyber Essentials Plus as a service. Use this to obtain a Cyber Essentials certificate and to get the essential advice and guidance you need.
How does this service help my organisation?
Members will have reassurance that their defences are protected against many of the most common cyber-attacks.
The core of the service is an online questionnaire to check whether you meet the requirements for Cyber Essentials certification. This means you can quickly and easily understand where you stand on Cyber Essentials – and the areas where you may need to improve.
Get trusted advice to improve security
If you are working toward Cyber Essentials, we can offer advice and guidance to help you improve security and pass the test. The advice we offer includes online responses, as part of our portal – but we can also offer follow-up advice from our IASME-approved Cyber Essentials assessors.
Demonstrate that you have protections in place
Once you’ve passed Cyber Essentials, your certificate can be used to show that you have essential cyber security protections in place. This helps you to improve your reputation as a business. You will receive a Cyber Essentials logo for your website, which helps to give stakeholders peace of mind when dealing with you. A Cyber Essentials certificate also means you are free to bid for government contracts involving sensitive or personal information – a potentially vital aspect of compliance for a research organisation.
Stay up to date with cyber security
Cyber Essentials is an annual process. We can help you to renew your certification – so you stay on top of it, year after year.
Trust in our experience
We are a trusted partner who is uniquely placed to understand the needs of our members in research and education.
An introduction to Cyber Essentials
Download a transcript of the webinar (.docx).
Why do FE organisations need Cyber Essentials?
In January 2020, the Education and Skills Funding Agency (ESFA) announced that they had reviewed the requirements for data security in their FE funding agreements and organisations must make ‘best endeavours’ to achieve Cyber Essentials certification for the funding year 2020/21, with progression to Cyber Essentials Plus for 2021/22.
Cyber Essentials Plus
Having successfully completed your Cyber Essentials assessment, the next step is Cyber Essentials Plus - an Education and Skills Funding Agency (ESFA) requirement for 2021/2022. Cyber Essentials Plus consists of internal and external tests of your computers and network that verify the information you have provided in your Cyber Essentials assessment, including:
- A remote vulnerability assessment
- A vulnerability scan of your devices to check your patching
- Checking your malware protection on your end user devices
- Checking effectiveness and your end user devices against malware delivered by email
- Check end user devices defences against malware delivered through a website
More details about Cyber Essentials Plus
If you wish to apply for Cyber Essentials Plus without gaining Cyber Essentials certification first, you will need to complete and pass the 52 assessment questions.
If you progress on to Cyber Essentials Plus within three months of your certification date, you will not need to recomplete the assessment.
The cost is determined by the size of your network and tests are carried out by our IASME-approved Cyber Essentials Plus assessors.
An introduction to Cyber Essentials Plus
Download a transcript of the webinar (.docx)
Case study: University of Bath
The University of Bath find out why Cyber Essentials and Cyber Essentials plus are the start of a continuing cyber security journey for compliance with funder requirements. Read how they helped to safeguard their research interests (pdf).
Further information
To find out more about Cyber Essentials and Cyber Essentials Plus, contact your account manager.
This is part of a suite of security services designed to defend the Janet Network, to protect your organisation and to help you protect your organisation yourself.
Cyber Essentials advice and guidance
Our additional advice and guidance service offers one-to-one advice to support your journey towards Cyber Essentials certification. We have experts on hand to help you fill in the gaps or with any areas where you need support.
You can book this service with one of our IASME Cyber Essentials approved assessors, from one hour up to a full day. Contact your account manager to find out more.
How to buy
Jisc have been appointed as an approved supplier on the Crown Commercial Services dynamic purchasing system (DPS). The benefit for our members in purchasing through the DPS is that it allows public sector buyers to procure an extensive variety of cyber security services from a range of pre-qualified suppliers.
Visit the Crown Commercial Service (CCS) website for more information. The ‘how to buy’ section gives full details for registering as a buyer and navigating through the process. The CCS run regular webinars for customers explaining what and how to buy from the new cyber security DPS. See upcoming webinar sessions.
This service is included within the scope of our ISO9001 and ISO27001 certificates.