Cyber Essentials
The challenge
Proving data security
Companies holding sensitive data such as employee or customer information, who have implemented good security controls to reduce the risk of attack by cyber criminals, want to demonstrate or prove this in some way.
Meeting supplier requirements
You may have to demonstrate that your company follows best practice information security to become an approved supplier to a larger enterprise.
Gaining certification confidence
Cyber Essentials Certification gives peace of mind that the defences a company has in place will protect it against the vast majority of common cyber attacks.
The service
Cyber Essentials is a UK Government backed scheme designed to guard against the most common internet based cyber security threats and encourages organisations of all sizes, but particularly SME’s, to demonstrate their commitment to cyber security.
Guiding you to Cyber Essentials compliance
What BH Consulting provide, is security expertise to guide clients through the certification process, to ensure that the Cyber Essentials self-assessment is carried out in a compliant manner. We aim to clarify the requirements so that they are understood and answered appropriately.
There are five control areas covered by Cyber Essentials, in summary these are:
1. Boundary Firewalls and Internet Gateways
Ensuring all devices that are connected to the internet are protected by a properly configured firewall. An internet gateway can deny access to users within your organisation to websites or other online services that present a threat.
2. Secure Configuration for devices and software
Systems and software must be configured in the most secure way for the needs of the organisation. Password management and policies are also a key part of this control area.
3. Access control
Controlling who has access to systems and at what level.
4. Malware protection
Ensuring that virus and malware protection is installed and is up to date, plus ensuring there is sufficient user awareness.
5. Patch management
Attackers constantly identify and exploit software vulnerabilities. Checking that the latest supported version of software is used and all necessary patches have been applied.
Assess, improve, certify
Our Security Consultant conducts an interview with key personnel, to first identify the scope of the assessment and then proceed through the Cyber Essentials questionnaire to start documenting answers and carrying out a Gap Analysis.
We then provide a report of recommendations around implementing additional security measures to close any gaps.
As a final step, we complete and submit the documentation to the Certification body and provide the Certification once the process is complete.
This service can be carried out remotely.
Benefits
Reassure customers that you are working to secure your IT against cyber attacks
Give a clear picture of your organisation’s cyber security level
Attract new business with the promise you have cyber security measures in place
Grow business in the UK market with Cyber Essentials certification
Testimonials
“We engaged the services of BH Consulting in September to act as our DPO. They have expertly guided us through our GDPR journey, helping us to finalise our requirements to meet the GDPR standards. They have done this in a professional manner all the while aware of our limited time resources. Our DPO Annemarie, understands the way in which we work and has completely adapted her approach to suit our needs. I couldn’t recommend Annemarie and the team at BH consulting highly enough.”
“We found BH Consulting to be a huge help in achieving our ISO 27001 certification as they put so much structure on the process and helped us along every step of the way. Their knowledge and guidance the whole way along the journey was reassuring and really made the process seamless and easy to follow and understand. They were there to keep us accountable and ensure we were progressing at our bi-weekly meetings. We would definitely recommend BH Consulting to any organisation thinking of going for ISO 27001 certification and so quickly and cost effectively was a massive relief. The expertise BH Consulting provided to ensure we have a robust GDPR compliance framework in place was great. We would have no hesitation recommending BH Consulting to others in a similar position.”
“Make-A-Wish Ireland has been working with BH Consulting for three years and have found them to be incredibly supportive. GDPR can be extremely challenging and yet, for an organisation like ours, it is critical to be on top of everything at all times as we deal with such highly sensitive data. The support we have been given is practical, logical, and most importantly calming. They have demystified the complexities and have done repeated training with our team in order for everyone to be comfortable with all aspects. We would highly recommend any company to work with BH Consulting. A special thanks must go to Tracy Elliott who has worked with us since the start.”
“BH Consulting have been our CISO since February 2019 and we have found their expertise to be extremely beneficial. They are very accessible when we need them and are very pragmatic in the advice they give. We really like the fact that they are independent and not tied to any vendors or solutions. We have confidence that BH Consulting are there with the right expertise and advice when we need them.”
“BH Consulting provide a reliable and valuable service to our organisation. Their expertise and continued guidance has been a great support to us since the introduction of GDPR.”
Why get in touch with BH Consulting
BH Consulting is a trusted, independent cybersecurity and data protection consultancy with over 20 years of experience. Whether you need expert guidance on compliance, risk management, or security strategy, our team delivers practical, vendor-neutral advice tailored to your needs.
- Trusted by global brands and public sector bodies
- ISO 27001-certified team with deep domain expertise
- Proven track record in delivering real-world solutions
- Flexible services: CISO/DPO as-a-Service, audits, training & more
Let’s start a conversation about securing your business.
