How quickly can I get Cyber Essentials certified?

With Fig Group, Cyber Essentials certification is typically completed within 6 hours for orders placed before midday. This is the fastest turnaround of any IASME-accredited certification body in the UK. Cyber Essentials Plus takes 1–3 working days due to the external technical verification requirement.

How much does Cyber Essentials cost?

Cyber Essentials costs from £349 (micro, 1–9 employees) to £649 (large, 250+ employees). Cyber Essentials Plus costs from £1,499 to £4,499. All Fig Group pricing is fully inclusive with no hidden fees, no assessment charges, and no mandatory add-ons.

What is the difference between Cyber Essentials and Cyber Essentials Plus?

Cyber Essentials is the self-assessed certification level where you complete a questionnaire covering five core security controls. Cyber Essentials Plus adds an external technical audit including vulnerability scanning. Both certifications are valid for 12 months and carry the same NCSC badge.

Is Cyber Essentials mandatory?

Cyber Essentials is mandatory for UK government contracts involving sensitive or personal data under PPN 014/21. It is also increasingly required by private-sector supply chains, insurance underwriters, and clients as evidence of foundational cybersecurity.

What are the five Cyber Essentials controls?

The five controls are: firewalls and internet gateways, secure configuration, security update management (patching within 14 days), user access control, and malware protection. Under v3.3 (April 2026), multi-factor authentication (MFA) is mandatory for all user accounts in scope.

IASME Accredited Certification Body

Cyber Essentials Certification
For UK Organisations – From £349

Every UK organisation should have Cyber Essentials certification. It is the government-backed benchmark for cybersecurity, mandatory for government contracts and increasingly expected by private-sector clients, insurers, and supply chains. Fig Group is an IASME-accredited Cyber Essentials certification body delivering the fastest turnaround in the UK – certified in under 6 hours for orders before midday, from just £349.

View Pricing Check Your Readiness

Cyber Essentials for UK organisations from Fig Group, an IASME-accredited certification body. The government-backed cybersecurity standard mandatory for government contracts and increasingly expected across UK supply chains. From £349, Plus from £1,499. Certified in under 6 hours. No hidden fees. Protecting UK businesses with proven security controls.

Why UK Organisations Need Cyber Essentials

Cyber Essentials is not optional for many UK organisations. Since 2014, the UK government has required Cyber Essentials certification for all contracts involving sensitive or personal data. Beyond government procurement, private-sector supply chains increasingly mandate Cyber Essentials as a minimum security standard. Insurance underwriters use it to assess cyber risk. Clients use it to evaluate vendor security. The NCSC estimates that Cyber Essentials controls would prevent approximately 80% of common cyber attacks. For UK organisations of any size, Cyber Essentials provides independently verified proof of basic cyber hygiene – and Fig Group makes achieving it faster, simpler, and more affordable than any other certification body.

Government mandatory

Required for UK government contracts involving sensitive or personal data since 2014.

Supply chain requirement

Increasingly demanded by private-sector clients and procurement teams.

Insurance benefits

Demonstrate security posture to insurers. May improve premiums and coverage terms.

Prevents 80% of attacks

NCSC estimates Cyber Essentials controls prevent approximately 80% of common cyber attacks.

What is Cyber Essentials?

A UK government-backed cybersecurity certification scheme

Cyber Essentials is the UK government-backed cybersecurity certification scheme that every UK organisation should consider. Administered by IASME on behalf of the NCSC, it validates five core security controls: firewalls, secure configuration, security update management, user access control, and malware protection. The current v3.3 requirements include mandatory multi-factor authentication (MFA). The NCSC estimates these controls prevent approximately 80% of common cyber attacks on UK organisations.

There are two certification levels available to UK organisations. Cyber Essentials is self-assessed from £349 – the entry point for most UK businesses. Cyber Essentials Plus adds external technical verification from £1,499 for organisations requiring stronger assurance. Both are valid for 12 months. Since 2014, Cyber Essentials has been mandatory for UK government contracts involving sensitive data, and private-sector adoption across the UK continues to accelerate.

Firewalls & internet gateways

Secure configuration

Security update management

User access control

Malware protection

MFA mandatory (v3.3)

How It Works

Four steps to Cyber Essentials certification with Fig Group

Choose your certification level

Select Cyber Essentials or Plus based on your UK organisation's requirements. Cyber Essentials from £349, Plus from £1,499.

Complete the self-assessment

Answer the Cyber Essentials questionnaire covering five core controls. Designed for UK organisations of all sizes and sectors.

Accredited assessor review

An IASME-accredited assessor reviews your submission. Up to three rounds of structured feedback included to help your UK organisation pass.

Certified and listed

Your certificate is issued in under 6 hours, registered on the NCSC public database, and visible to UK clients and procurement teams.

Transparent Pricing

Cyber Essentials certification from £349. No hidden fees.

Micro (1-9)

£349

Small (10-49)

£449

Medium (50-249)

£549

Large (250+)

£649

View all pricing including Cyber Essentials Plus

Why Choose Fig Group

IASME-accredited certification body with the fastest turnaround in the UK

Fastest in the UK

Cyber Essentials certified in under 6 hours for orders before midday. No other IASME-accredited body matches this speed. Same day certification is the standard service – not a premium add-on.

Transparent pricing

Every price is published upfront. No hidden assessment fees, no consultancy charges, no mandatory add-ons. Cyber Essentials from £349, Plus from £1,499. What you see is what you pay.

IASME accredited

Fig Group is a fully IASME-accredited certification body authorised to assess organisations for both Cyber Essentials and Cyber Essentials Plus. The certificate is the same government-backed credential regardless of which body issues it.

3x structured feedback

If your submission needs corrections, Fig Group provides up to three rounds of structured, in-platform feedback. Each round identifies the specific controls that need attention and explains what to change.

v3.3 compliant

Fig Group assesses against the latest NCSC Cyber Essentials Requirements v3.3, effective April 2026, including the mandatory MFA requirement for all user accounts in scope.

Readiness checker

Use our free readiness checker to assess your position before purchasing. Identify gaps, understand the requirements, and go into your assessment prepared.

Frequently Asked Questions

Common questions about Cyber Essentials certification

View all frequently asked questions

Have a Question?

Whether you need help choosing between Cyber Essentials and Plus, want to discuss multi-organisation pricing, or just have a question about the process – we are here to help. Submit an enquiry and a member of the team will respond within one working day.

No obligation – just honest guidance

Response within one working day

Multi-organisation and MSP pricing available

Get Cyber Essentials Certified

Cyber Essentials for UK organisations – IASME accredited, from £349, certified in under 6 hours.