+44 (0)20 7621 7836 
+44 (0)20 7621 7836
Computer Security Technology have been specialising in Information & Data Protection and Cyber Security for 25 years. Our aim is to help organisations manage cyber security with the least amount of disruption, and for organisations who strive to improve their security posture but don’t have the correct resource in place.
We have been CE & CE+ Certified Body since 2017.
We have been CE & CE+ Certification Body since 2017 and like to place customer service and satisfaction in front of everything we do.
CST recognise not all organisations have the necessary resources to address the business-critical issue of cyber security.
The UK Government’s Cyber Essentials Scheme provides a set of five controls that organisations can implement to achieve a baseline of cyber security, against which they can achieve certification in order to prove their compliance. Addressing these five topics and controls eliminate up to 80% of typical Cyber threats.
CST is registered with IASME to assess and certify against the UK Government Cyber Essentials Scheme. We also provide advice and guidance on how to achieving Cyber Essentials certification, as well as delivering Cyber Essentials PLUS and the IASME governance assessment and certification. We have a number of Cyber Essentials product and service options available.
Since October 2014, the UK Government has required all suppliers bidding for certain information handling contracts be Cyber Essentials certified for the purpose of providing further protection for the information the Government handles.
As well as the Government mandating the standard, it is also being used by non-government affiliated organisations to demonstrate a level of formal compliance to security best practises. Many of our customers are asked by their customers to complete IT security questionnaires, and agree with information protection agreements. Using the Cyber Essential scheme is a method to respond and validate their security posture to their clients.
This information is correct as of October 2024.
No further Evendine assessment accounts can be created in the portal after 23rd April 2023.
For the Evendine assessment accounts, that have been created before 24th April, you will have six months to complete them. That means that the Evendine verified self-assessment will retire on 23rd October 2023.
No Submissions for Evendine will be accepted after this date.
There will then be 3 months where Evendine CE+ assessments can take place. Evendine CE+ Assessments must be COMPLETED by 24th January 2024.
Please contact us for information about the changes and if you require assistance with understanding either the self-assessed Cyber Essentials or the PLUS standards.
Realising that the controls in its 2012 guide, 10 Steps to Cyber Security, were not being implemented effectively, the UK Government instigated a call for evidence on a preferred cyber security standard. In November 2013 it concluded that no individual standard met its specific requirements, so developed the Cyber Essentials Scheme, a set of controls and implementation guidance for basic cyber hygiene against which organisations can achieve different levels of certification. Certification can be used by organisations to demonstrate to their customers and business partners that industry-minimum cyber security measures are in place, and provides evidence to validate the organisation’s security posture.
It was officially launched on 5th June 2014 and addresses:
Organisations that achieve certification to Cyber Essentials will automatically be entitled to £25,000.00 of cyber insurance. They must: certify their entire organisation, be domiciled in the UK or Crown Dependencies, and their annual turnover is under £20m.
The cover is for:
More details can be found here.
All of the five requirements are recommended as part of the “SANS Top 20” controls, and the ISO27001 standard:
1. Secure configuration
Implementing the security measures required when building and installing any computers and network devices, in order to reduce unnecessary vulnerabilities.
2. Boundary firewalls and internet gateways
Providing a basic level of protection where an organisation connects to the Internet.
3. Access control and administrative privilege management
Protecting user accounts and helping prevent misuse of privileged accounts.
4. Patch management
Keeping the software used on computers and network devices up to date, and resistant to low-level cyber-attacks.
5. Malware protection
Protecting against a broad range of malware (including computer viruses, worms, spyware, botnet software, and ransomware) including options for virus removal, which will protect your computer, your privacy, and your important documents from attack.
The UK’s National Cyber Security Centre (NCSC) has announced that IASME have been chosen as the sole accreditation body for the UK’s Cyber Essentials (including CE+) scheme for at least the next five years. Read more about on this announcement.
There are currently two levels against which organisations can be certified:
Cyber Essentials - (Stage 1) which relies on self-assessment.
Cyber Essentials Plus - (Stage 2) assessing and testing your systems
Organisations must be assessed by an accredited certification body such as CST, and must successfully complete Stage 1 prior to proceeding to Stage 2.
Once an organisation has successfully passed an assessment against either level of the scheme’s requirements it will be awarded the relevant Cyber Essentials award or 'badge' and will need annual re-assessment.
In both cases, certification reflects the state of an organisation’s cyber security only at the time of assessment. It is no proof of the ongoing effectiveness of an organisation’s cyber security. However, certification will provide numerous benefits, including the opportunity to tender for business where certification to the scheme may be a prerequisite, reducing insurance premiums, and helping to improve investor and customer confidence.
CST can help you complete Stage 1 and Stage 2, we can provide the guidance and support required, and ultimately certify you against the standard. We operate under the ISAME assessment body which means qualifying compliant businesses also receive Cyber Insurance (up to £25,000 Cyber Liability Insurance free of charge) as part of successful certification.
Feel free to call us on 020 7621 7836 or email us as we are happy to answer any questions and schedule a 20 informal chat to explain more.
Opinion & Customer Testimonials
"A 5/5 star rating. A Professional service with polite staff who are very responsive to client needs and queries. We continue to work with CST and would thoroughly recommend them to others"
Adam & Eve DDB, a leading Communications agency: November 2020
"CSTL have proven to be a reliable, professional and competent partner to Lockton over many years. Their advice and recommendations are always vendor agnostic, independent and unbiased."
Lockton LLP - Part of Lockton the world's largest independent insurance broker: July 2020
"CSTL are there to support you in your certification journey. Cyber Essentials and Cyber Essentials Plus are very prescriptive standards. The account manager and technical auditor provided to our firm were attentive, reliable and challenged us where needed to ensure we obtained a certification that’s respected by our clients."
Senior Director for Privacy & Security - Leading UK Organisational Consulting: June 2020
"CST was patient and always available to answer questions, no matter how big or small. The preliminary review of the questionnaire was key to helping us pass the assessment. CST was quick to respond to any queries, and turn around the application. We qualified within a week."
Fleetwodd Strategy: May 2020
"We are pleased to have successfully accomplished the Cyber Essentials+ certification. The scheme will provide our clients with additional confidence, and reduce risk against cyber-threats. CST assisted us in understanding the Scheme, worked with us to advance our Cyber-Security posture, and undertook the assessment. Their approach was professional, efficient and pragmatic, I can highly recommend them."
Andrew Flatt CTO, Omni Partners: Dec 2017
"Business leaders will benefit from the access to helpful and authoritative cyber security guidance. Encouraging firms to adopt this scheme is a positive step towards greater awareness of cyber security and more widespread action to manage the risks"John Cridland, Director General of the CBI