Date published: 27 April 2026 | by Sybil Mayard
I am delighted to announce that as of 27 April 2026, Sybiltec is Cyber Essentials certified!
Sybiltec is committed to ensuring that our security and that of our clients is treated seriously, and so we considered a Cyber Essentials certification to demonstrate that.
A Few Facts About Cyber Essentials
- It is a government-backed, industry-wide scheme that demonstrates that your organisation has the fundamental cyber security measures in place.
- It gives your customers and suppliers peace of mind that your organisation is protected against the most common cyber threats.
- It focuses on five technical controls: firewalls, secure configuration, security update management, user access control and malware protection.
- The certification is required for bidding on certain government contracts.
- It is suitable for businesses of all sizes.
- Once certified, your organisation is also entitled to free cyber liability insurance.
- There are two levels of certification: Cyber Essentials and Cyber Essentials Plus.
The Five Technical Controls
Firewalls
A firewall acts as a sort of filter between your devices and the Internet, allowing only safe traffic in, and keeping harmful traffic out. There are three main types of firewall: hardware, software and virtual. For maximum security and to achieve compliance for the certification, firewalls must be configured correctly.
Secure Configuration
Out of the box, hardware devices, software and cloud services often come preconfigured with an insecure setup, such as default passwords, additional user privileges or unnecessary apps/services. All of these pose security risks. Set strong, unique passwords, review user privileges and remove any apps/services that are not needed. Ensure that multi-factor authentication (MFA) is implemented, where available.
Security Update Management
Ensure that your organisation is using software and operating systems that are supported by the vendor, so that they continue to receive the latest security updates. These updates are issued to protect against vulnerabilities, so you should install the updates as soon as possible after they become available.
User Access Control
Every user in an organisation should be given the minimum level of access needed for their role and no more (called the principle of least privilege). Access should be reviewed on a regular basis and adjusted accordingly if the user changes roles or leaves the organisation. Additionally, a user should never be using an account with admin privileges to carry out day-to-day tasks (e.g. browsing the internet or using email).
Malware Protection
Any device connected to the internet is vulnerable to being infected with malware (such as viruses, trojans, worms and other malicious software). Malware protection helps to prevent infection, phishing attacks, and can also warn a user if they are attempting to visit a harmful website. Anti-malware solutions must be kept up to date so that your devices are continuously protected.
Are You Thinking About Getting Certified?
We are grateful to Fortis DPC for guiding us through the process and ensuring that we passed the assessment the first time.
If you are planning on getting Cyber Essentials certified, contact Fortis DPC today and they will ensure that you achieve certification, so you can rest assured that your organisation is secured against the most common cyber threats.
For more information about Cyber Essentials, visit the IASME website.
