5 Cyber Essentials Controls That You Need to Know

Published on 28 February 2022

Cyber Essentials is a government-backed scheme that shows you the steps needed to take to keep your business cyber secure. By implementing Cyber Essentials, you can effectively prevent 80% of the most common cyber-attacks. It is also a chance to demonstrate publicly that you and your business take data protection and cyber security seriously.

Cyber Essentials is a step-by-step guide to help implement, educate, and better defend your business from cyber-attacks. It will cover 5 key areas most commonly targeted and overlooked by businesses:

Cyber Essentials Controls You Need To Know 


Using the internet to access files, research, and use email is essential to any business. By accessing the internet without protection, however, you leave your business and data vulnerable to cyber-attacks. Cyber Essentials recommends you add a Firewall to protect yourself. A firewall will identify and stop unwanted traffic from getting onto your internal network and causing breaching issues and operational downtime.

Secure Configuration

When purchasing a new device, it will come with default software and applications already installed. This is to make the setup as easy as possible. But these factory settings can be an easy access point for cybercriminals. Ensure that the settings on your devices have been changed to reduce risk. One way of doing this is by removing any applications that are not relevant to your business.

Access Control

In 2019 Centrify published a survey that revealed that 74% of companies have had a previous breach that involved administrative access abuse. Cyber Essentials will recommend you limit who within your business has access to important and sensitive data. You can do this, for example, by restricting someone’s access to files that are only applicable to their role.

Malware Protection

Malware is any kind of virus that will infect a device, software or business network. It can come in many forms but recently ransomware has become popular amongst cybercriminals, it has risen 151% in the first half of 2021 and continues to rise. Malware can have lasting effects on your business. When your business’s devices are connected to the internet they run the risk of being infected. To avoid this Cyber Essentials will take you through the process of updating and installing broad range anti-malware software.

Patch Management 

Those notifications that you see on your device informing you of a software update are crucial and should not be ignored. Cyber Essentials recommends doing the updates as soon as possible. These updates are the result of the software company finding vulnerabilities in their software that a cyber hacker could exploit. The software company has fixed this and now needs you to add these new updates to your devices. By ignoring these updates, you could become the victim of a cyber-attack, which is exactly what the ransomware Petya did to companies back in 2017.

Cyber Essentials is… essential. Leaving your business open and vulnerable to cyber-attacks can be detrimental to your business, it is not a case of ‘if’ but when. As an SMB you are more vulnerable than less. Larger businesses have extensive cyber security, which means they’re harder to attack. Cybercriminals want an easy win, they would rather find a smaller business that is easier to attack with small gains than a large business. Think of it as a car thief, they are more likely to steal an unlocked car than a locked one, regardless of how expensive the car is.

If your business is located in Milton Keynes, Northamptonshire, Buckinghamshire, or Bedfordshire and you are interested in learning more about Cyber Essentials or how best to protect your business from cyber-attacks, book a meeting with us today.

Microsoft Defender for Business - SMBs

Contact us!

Recent Posts

Our Resources