Does Cyber Essentials Accreditation Mean ‘Job Done’?

Does Cyber Essentials Accreditation Mean ‘Job Done’?
Posted: 7th December 2020

The Cyber Essentials accreditation was launched in 2014. This government-backed scheme is designed to help businesses learn how to effectively protect themselves, and their customers’ data from the threat of a cyber attack.


Around 80% of cyber attacks could be prevented if all SMEs implement Cyber Essentials best practice.


As well as educating businesses about cyber crime and how it works, it also provides an assessment to mark your business against with a certification when you can meet all the necessary standards. This is great for peace of mind that your cyber security is robust and can also have a hugely positive effect on your business’ marketability.

Learn more about why the Cyber Essentials scheme is great for business.

However, gaining the Cyber Essentials accreditation doesn’t mean your work is done which can be the common misconception. It marks the effectiveness of your current cyber security practices and gives you a framework to follow for necessary improvements; but even when you sit with the-best-of-the-best with your shiny Cyber Essentials badge on your website, there is still more you can do.

Life after Cyber Essentials Accreditation – your 4 next steps.

Step 1: Staff Awareness

Yes, we’re beating that drum again but social engineering techniques are so successful for cyber criminals, staff awareness is the only way to beat them.


54% of businesses have fallen victim to a social engineering cyber attack during the last year.


We always recommend staff training and offer all of our client’s free cyber awareness training for all of their employees but it takes more than just a one-off session. Cyber security should be introduced to your business culture – here are some ideas you could implement:

– Regular varied training sessions

– Policy and procedure documents employees can refer to

– Reassurance that cyber security comes first – if a payment is late due to a security concern, that’s OK.

– Simulated phishing attack drills

Step 2: Vulnerability Assessments

If a hacker can’t find a way through the back door one day, that doesn’t mean they won’t the next. Whether due to missed updates or an advanced cyber attack, new vulnerabilities can crop up in your IT systems at any point.

Running a vulnerability assessment on a regular basis will help you discover new weaknesses in your security before a cyber criminal does. This extra precaution is a simple one to put in place and will make your business as secure as possible.

Step 3: Independent Assessments

The Cyber Essentials Accreditation can be achieved with a self-assessment but there’s a good reason why teachers get students to mark each other’s work. Seeing our own errors can be difficult and a pair of fresh eyes can often see things clearer.

Even if you already have the Cyber Essentials certification (and shiny badge on your website), it’s often very worthwhile gaining an independent cyber security assessment to make sure your business is as tight as possible. In almost all cases, an independent assessment will find a vulnerability that can be improved upon.

Step 4: Keep up to date

We always recommend you keep up with the latest developments in the world of cyber crime. You can sign up to our newsletter, continue to check our blogs or the IT Governance blog is a great source of information too.

Just remember, cyber crime moves just as fast as technology.

Jupiter IT Is More Than IT Support – It’s IT Consultancy 

At Jupiter IT, we’re committed to helping other businesses polish their cyber security to the point of perfection. We are proud to have achieved the prestigious Cyber Essential Plus Certification. As experts in this standard and can help you achieve the Cyber Essential Accreditation too.

To find out more, drop us a line – we’re waiting to share our expertise with you.

Hull Office

  • Jupiter House, Unit 3 Estuary Business Park, Priory Park, Hessle, HU4 7DY
  • 01482 974444

York Office

Doncaster Office

  • 4 Cavendish Court, South Parade, Doncaster, DN1 2DJ
  • 01302 248742

Scunthorpe Office

  • Sovereign House, Arkwright Way, Queensway Industrial Estate, Scunthorpe, DN16 1AL
  • 01724 706235

Leeds Office