Cyber Security · Certification Support
Cyber Essentials Certification Support for Your Business
Cyber Essentials certification is increasingly required by clients, partners, and public sector contracts, but many businesses don't know where to start, or have tried and failed a previous assessment. We manage the technical controls needed to meet the scheme's requirements and support you through the process from initial assessment to certification sign-off.
Lowthers Certification Support
Cyber Essentials is no longer a nice-to-have for many businesses; it's a prerequisite for winning contracts and maintaining client trust. We manage the technical requirements so you can achieve and maintain it.
What Our Cyber Essentials Certification Support Covers
We support businesses through the full Cyber Essentials process — from an initial readiness assessment through to managing the technical controls required for certification and maintaining compliance on an ongoing basis.
Technical Controls Management
We implement and manage the five core technical controls required for Cyber Essentials, firewalls, secure configuration, access control, malware protection, and patch management across your business infrastructure.
Assessment Support
We support you through the Cyber Essentials questionnaire and, for Cyber Essentials Plus, the technical verification process, ensuring what's in place on your infrastructure matches what's been declared.
Ongoing Compliance Maintenance
Achieving certification is the start, not the end. We maintain the required controls on an ongoing basis so your certification remains current and your security posture doesn't drift after the initial assessment.
Cyber Essentials — What's Required
The five technical controls at the heart of Cyber Essentials
Cyber Essentials is built around five core technical controls: boundary firewalls and internet gateways, secure configuration, user access control, malware protection, and patch management. Each control has specific requirements that your infrastructure must meet, and each one maps directly to the security services we manage for businesses as part of our wider cyber security offering.
For businesses already on a managed security arrangement with Lowthers, many of the Cyber Essentials requirements will already be in place. Our certification support service assesses your current position against the scheme's requirements, closes any gaps, and manages the technical evidence needed for assessment.
Â
Cyber Essentials Plus adds a technical verification stage to the standard self-assessment, an independent assessor tests the controls in place rather than taking them on declaration. This requires that what's been implemented matches what's been stated, and that the implementation is consistent across your device estate.
We manage the preparation for both Cyber Essentials and Cyber Essentials Plus, including coordinating with the certifying body, supporting the completion of the self-assessment questionnaire, and managing the technical remediation needed before the assessment takes place. For businesses renewing an existing certification, we manage the renewal process and verify that controls have been maintained since the previous assessment.
Â
some of our clients
A proven track record
Speak to us today for a FREE consultation
Choosing the right IT partner involves many moving parts. The best way to see if we’re a good fit is a quick, no-pressure introductory call.
Â
Words from our clients
Lowthers have been a great partner, with the support/service evolving with the growing requirements of the business.
Head of IT
Absolutely fantastic service - significantly better than the IT support at any other company I've worked for. Brilliant team at Lowthers, consistently go above and beyond.
Finance Company
Very responsive and helpful, I appreciate the service provided, thank you
Company Director
I think the support from Lowthers is exceptional, so prompt and thorough, always impressed with their service and general helpfulness
People Advisor
Why businesses fail Cyber Essentials — and how we prevent it
The most common reasons businesses fail a Cyber Essentials assessment are patching gaps, misconfigured access controls, and inconsistent security settings across devices, particularly those used outside the office. None of these are difficult to fix, but they need to be identified and addressed before the assessment rather than discovered during it. Our readiness assessment finds the gaps, we manage the remediation, and you go into the assessment with the right controls in place.
Why businesses trust Lowthers for Cyber Essentials certification support
The five Cyber Essentials controls, firewalls, secure configuration, access control, malware protection, and patch management, map directly to the security services we manage for businesses day to day. We're not applying a separate process to get you through an assessment; we're managing the same controls that Cyber Essentials requires, and evidencing that they're in place. That makes certification a natural outcome of well-managed security infrastructure, not a one-off effort.
Our Certification Support Approach
How we support businesses through Cyber Essentials from start to sign-off
We start with a readiness assessment, reviewing your current infrastructure against the specific requirements of Cyber Essentials. This tells us clearly what's in place, what needs to change, and how significant the gap is between your current security posture and the standard required. For businesses starting from scratch, the gap is usually manageable. For businesses that have already tried and failed, the assessment tells us exactly where the previous attempt went wrong.
From the readiness assessment, we develop a remediation plan, the specific technical changes needed to bring your infrastructure into line with the five core controls. We manage the implementation of those changes, covering firewall configuration, access controls, patch status, and malware protection across your device estate. Once remediation is complete, we review the position again before the assessment is submitted to confirm that what's in place matches what will be declared.
We then support the completion of the self-assessment questionnaire and, for Cyber Essentials Plus, coordinate the technical verification. After certification is achieved, we manage the ongoing maintenance of the required controls, so renewal is a process, not an annual scramble.
Â
Supporting Businesses with reliable & Flexible IT Support
Readiness Assessment Before Submission
We assess your infrastructure against the Cyber Essentials requirements before any submission is made, identifying and addressing gaps so you go into the assessment in the right position.
Technical Remediation Managed
We implement the required technical controls, firewall configuration, access management, patching, and malware protection across your infrastructure as part of the certification process.
Ongoing Maintenance After Certification
We maintain the required controls on an ongoing basis after certification, so renewal is straightforward and your security posture doesn't drift from the standard between assessments.
our services