How To Get The Cyber Essentials Logos On Your Organisation's Website

Written by Sam Jones
Oct 4, 2019 - 6 minute read

Every website seems to have the Cyber Essentials logos but what are they and what can they do for your organisation?...

New call-to-action

Last updated June 2021

Does it seem like every organisation has these logos on their website?Untitled design (24)

 

I know what you're thinking.

What do the logos mean? How do I get them?!

Well, let me just say now, please don't think that downloading the image from Google and uploading it to your website will suffice. You'd end up in A LOT of trouble (but I'll explain it all very soon).

Understandably, you're not even sure if these logos have any significance to your organisation.

I mean just because they're everywhere, it doesn't mean they're valuable, right?

Well, you'll quickly realise, this little Cyber Essentials logo could be the difference between elevating and losing your organisation.

I know you're thinking that is a pretty dramatic statement but for many organisations, it's an incredibly thin line.

Anyway, I'm getting ahead of myself!

It's easy to get lost in the world of Cyber Essentials, so let's start with the fundamentals of Cyber Essentials.

What is Cyber Essentials?

The National Cyber Security Centre (Part of GCHQ) created Cyber Essentials to help organisations protect themselves against common cyber security threats.

In essence, the UK Government are trying to help your organisation become more safe and secure. The Government want to see fewer breaches, fewer attacks and ultimately, less private data becoming public.

This is why the Government created the '10 Steps to Cyber Security' scheme (which you can see below) and this scheme formed the foundation of the Cyber Essentials scheme.

10 steps to cyber security

Cyber Essentials implements 5 technical controls to help your organisation reduce the cyber threat by 80%.

Yes, you are reading that correctly and it isn't a typo.

Cyber Essentials will guarantee your organisation a reduction of 80% from the cyber threat and so you're probably wondering, what are these 5 technical controls and what do they do?

  1. Firewalls and Internet Gateways - Cyber Essentials certification requires that you configure and use a firewall to protect all your devices, particularly those that connect to public or other suspicious and unreliable Wi-Fi networks.
  2. Secure Configuration - Cyber Essentials certification requires your organisation to only use software, accounts and apps that are frequently used. The key here is that they need to be a necessity to your organisation.
  3. Access Control - Cyber Essentials certification requires that you control access to your data through user accounts. Also, administration privileges are only given to those that need and furthermore, the use of the data with those accounts is controlled.
  4. Malware Protection - Cyber Essentials certification requires that you do at least one of the following to defend against malware:
    • Whitelisting
    • Sandboxing
    • Install anti-malware software

5. Patch Management - Cyber Essentials certification requires that you keep your devices, software and apps up to date.

There are two types of Cyber Essentials certifications - Cyber Essentials and Cyber Essentials Plus. It's important to know the difference between both certifications and which certification fits best for your organisation.

An 80% reduction is a huge benefit of Cyber Essentials but you're probably wondering why else so many organisations have decided to buy Cyber Essentials.

Why become Cyber Essentials certified?

As you know, Cyber criminals want your data. The skill level of a cyber criminal can vary but when it comes to SMEs (Small and Medium Enterprises), even the most basic cyber criminal can hack into your systems IF you don't have the correct measures in place.

The guys over at Business Matters Magazine have done a great job conveying the importance of cyber security to SMEs and it is definitely worth checking out after you're finished here!

With the 5 controls I've mentioned above being fully implemented at your organisation, you'll have prevented a large number of competent cyber criminals from gaining access to your data as well as reducing the overall threat by 80%.

 

Stop Cyber Attack Sign in Red Polygon on Pale Bare Hand. Isolated on White Background.

 

What can Cyber Essentials do for your organisation?

So why else would someone want these logos on their website? To understand this on a deeper level, we need to dive into the benefits of Cyber Essentials which can bring value to your organisation in different ways.

I've already mentioned the 80% reduction in cyber threat but another major benefit of Cyber Essentials is enhancing your reputation.

Customers and clients will come onto your website and see the logo and know their data is in safe hands. Believe me, they will have more respect for you because you showed respect to their data.

Cyber Essentials can also help you land those Government contracts that you've always hoped for.

For most organisations, this is a big aim and dream, but you legally need to be Cyber Essentials certified, as it is a requirement to be able to bid for and land a Government contract.

To further understand the benefits, feel free to check out '10 surprising benefits of Cyber Essentials'.

The Cyber Essentials Process

Now that you understand what the logos mean, let's talk about how you can go about getting those logos onto your own organisation's website.

Getting the Cyber Essentials logos on your website is a four-step process:

  1. Choose a Certification Body
  2. Meet the Cyber Essentials standard
  3. Pass Cyber Essentials
  4. Add Cyber Essentials Logo to your website

Choosing a Certification Body

Certifying bodies have the power to assess and certify organisations for Cyber Essentials and operate under an Accreditation Body.

Since April 2020, IASME (Information Assurance for Small and Medium Enterprises Consortium) has been the sole Accreditation Body and partner of the NCSC with Certification Bodies working on their behalf across the country to deliver the Cyber Essentials scheme. 

Prior to this, there were actually 5 Accreditation Bodies, but the Government decided there should just be one, in order to make the process more streamlined and less confusing for certifying businesses. 

Cyber Tec Security are an example of a Certification Body as we can certify an organisation for Cyber Essentials and we're aligned with IASME.

Choosing a Certification Body will depend on the kind of experience you want. While all are able to grant you the Cyber Essentials certification, pricing and packaging could be different and the certification delivery will differ from business to business.

My advice? Ask yourself what you want and do your research!

Meeting the Cyber Essentials standard

To be able to meet the Cyber Essentials standard, your IT infrastructure needs to meet the requirements to be able to begin the technical process. You can view the requirements for IT infrastructure here.

Passing Cyber Essentials

With the guidance of your Certification Body, you will be able to tick off every aspect of each technical control. I'm being quite literal too, there is a self-assessment questionnaire which you'll need to tick off as you go along.

The Certification Body will then review the responses and determine whether you've met the standard.

If you have met the standard then you will be awarded Cyber Essentials certification. (Congratulations!). 

Using The Cyber Essentials Logo 

You've done the hard part, now all you have to do is show off the fact you are Cyber Essentials certified!

You can use the logo on:

  • Websites
  • Promotional Material
  • Letter Heads
  • Email Signatures

So this is how you become Cyber Essentials certified and if you are interested in gaining the Cyber Essentials Plus logo, the process is different and there are a few other things you'd need to know.

To learn more about Cyber Essentials, check out our Ultimate Guide to Cyber Essentials which will tell you everything you need to know about Cyber Essentials for FREE.

Topics: Cyber Essentials, Cyber Essentials Plus, Cyber Security

author

More by Sam Jones

Related articles
How to Assess Supplier Risk in Your Supply Chain

Supplier risk management is key to your Supply Chain's security, but how do you know how secure your suppliers really are?

The Advantages and Disadvantages of Cloud Computing: Is Your Head in the Cloud?

In simple terms, cloud computing refers to anything that involves the delivery of hosted services over the internet, often on a pay-as-you-go basis.

Wait! Do You Actually Need a Penetration Test?

Pen Testing is a big name in the world of cybersecurity, but it's not always the right approach for every business. There's a much better solution...