Cyber Essentials (Plus)

We understand the importance of achieving your Cyber Essentials qualifications and therefor our customer centric service is delivered to you by qualified Cyber Essentials assessors. Your assessor will have a minimum of 4 years’ experience as a vulnerability consultant as well as being fully trained and qualified in line with the requirements of the scheme. Our highly skilled assessors support you through the assessment, providing remediation advice as needed.

NCC Groups Cyber Essentials services covers AWS, ensuring the clients own management and configuration of AWS is compliant. It does not cover AWS’s Core Services. Organisations must implement the five Cyber Essentials controls within its specific AWS environment, particularly for Infrastructure as a Service (IaaS) components like EC2 instances. These controls are:

• Firewalls & Internet Gateways
• Secure Configuration
• User Access Control
• Malware Protection, and
• Security Update Management

NCC offer several options with regards to Cyber Essentials accreditations:

Cyber Essentials Basic

• Online Questionnaire
• Dedicated Consultant Support
• Same day kick-off (If ordered before noon GMT)
• IASME Certified consultants
• Free resubmission of SAQ within 48 hours
• Free re-assessment of SAQ during 30 days
• Free re-test of external scan during 30 days
• Optional (but not required for the certificate) external scan (up to 15 IPs)

Cyber Essentials Plus
As per Cyber Essentials Basic and includes a technical audit:

• External Scan (Free retest of external scan if fail)
• End-User Device Audit
• Assessment from IASME certified consultant
• IASME Certificate
• Cyber Essentials remediation report

Both services include:

• Dedicated Assessor support to help with any queries of the self-assessed questionnaire.
• Technical support (with issues, remediation)
• Cyber Essentials assessor who reviews each submission
• Same day kick-off
• Can cover AWS web servers

Cyber Essentials Pre Assessment

A Cyber Essentials Pre-Assessment is recommended for those organisations who want to ensure they meet the requirements of the standard with as much support and information available

We provide a readiness assessment to give you confidence in identifying the next steps your business needs to take so you can prepare for the evaluation

• Online Cyber Essentials Questionnaire sample review
• Remote scan of up to 50 live Ips
• Results reviewed by a cyber-security expert.
• Cyber Essentials consultant to help with questionnaire
• Cyber Essentials consultant to discuss scan results
• Definition of scope for live assessment
• Perform a baseline device audit (up to 10 user devices)

Dedicated Vulnerability Consultant

All services include a dedicated assessor. Your dedicated Cyber Essentials assessor will have high levels of experience of delivering Cyber Essentials assessments and will be responsible for:

• Being your main point of contact
• Providing support with your self-assessment questionnaire
• Delivering of the internal audit of your internal end user devices (Plus assessment only)
• Supporting remediation
• Ensure external scans run to your configuration and schedule
• Provide regular updates as required
• Compile and ensure reports are accurate