February 22, 2024 in Data Protection

Cyber Essentials – a users view on why you need it

Cyber Essentials – What it involves – What it was like attaining it.

Karen Hannon    HOME – BusyLives Nottingham

Is the ISAME Cyber Essentials Certification an accreditation that Small Businesses should consider if they use a computer? …Definitely!

After always having an IT department in my previous career, with technicians who always ensured the security of IT throughout the organisation was robust and up to date, then becoming a small business owner, with no expert to refer to at the level that was needed left me vulnerable.

I attended several E-Business courses whilst I was in the process of setting up my own business in 2018, which is where I first learnt more about the National Security Centre (NSC) and the Cyber Essentials Certification. As my business was supporting clients remotely, it was morally important to me, to not only offer the best services possible, but the reassurance that all data and confidential information was both saved and transferred securely. In conclusion, gaining the accreditation and also outsourcing IT support when I needed it, was none negotiable, if I was to succeed.

What it is

The IASME Cyber Essentials certification still stands as a beacon of cybersecurity excellence in our digital landscape. It also continues to give me the confidence that I have everything in place to keep all data secure and prevent as far as it is possible against a cyberattack. It is an increasing myth that those behind cyberattacks only go for large companies and corporations. However, there are many small businesses who have social media pages and profiles sharing all the information these people need often to breach into their computer!

What is involved?

The initial certification process involves a comprehensive assessment of your business’ cybersecurity measures, covering fundamental control elements you should have in place:

-Secure configuration;

-Boundary firewalls and internet gateways;

-Access control and administration privilege management;

-Patch management;

– Malware protection.

The Result – safety and trust

I will be honest, some of the questions in the assessment are not easy to answer if you are not an IT expert (I’m not!), but there is help and support out there to achieve this if it is important enough to you.

For me it is! I feel that by adhering to the Cyber Essentials framework and by repeating the assessment on an annual basis, that I am able to demonstrate to all my clients a commitment to safeguarding their sensitive information, inspire their trust, as well as knowing I am meeting regulatory compliance.


IASME Cyber Essentials is not just about obtaining a badge of honour, it’s a strategic investment in long-term cybersecurity resilience. The certification process not only identifies vulnerabilities you may not be aware of that you actually need in place, but also provides clear guidelines and recommendations for remediation. This proactive approach has enabled me to continually strengthen my IT security and be able to adapt to emerging threats and technological advancements.

In summary, the recognition that comes with Cyber Essentials for me is that it serves as a testament to my businesses commitment to maintaining a secure digital environment, setting me apart in a crowded and competitive market.

To find out more about what is entailed in the accreditation visit the IASME website: https://iasme.co.uk/cyber-essentials/

BARKLEY NOTE- this is an important part of your data protection and cybersecurity strategy. Please speak to us if you have any queries.

Please also note that many official organisations require this is in place before they will accept bids for contracts off business.