Menu
Menu
Hedgehog Security has been delivering Cyber Essentials gap analysis, preparation, implementation and audit services since the inception of the standard. We will help any business achieve the UK Governments base level of Cyber Security after 2000 successful audits.
Hedgehog Security has over ten years of experience at the forefront of cybersecurity. Our CISO team had worked with some of the world’s largest and most complex businesses and industries. We have a deep understanding of both existing and emerging threats, as well as their rapidly changing tactics, techniques and procedures.
Our consulting practice is here to carry out all manner of Cyber Essentials services for your business.
We have over ten years of experience at the forefront of cybersecurity. Our CISO team had worked with some of the world’s largest and most complex businesses and industries. We have a deep understanding of both existing and emerging threats, as well as their rapidly changing tactics, techniques and procedures.
Our consulting practice is here to carry out all manner of Cyber Essentials services for your business.
Cyber Essentials is the Government-backed, industry-supported foundation for basic cybersecurity hygiene. The scheme guides organisations of any size in protecting themselves against cyber threats. You can read more about the government’s scheme here.
The foundation level is an independently verified self-assessment. You complete an online assessment questionnaire which is approved by a Senior Executive of your business. Upon submission, we will independently review and confirm your responses. If successful, we will award you the requisite certificate and badge that you can display on your company website.
The next stage of your security journey and involves both independent internal and external tests of your network and computers. You must have been awarded the foundation level certification in the last three months before you can proceed with accreditation.
Successful accreditation provides a higher level of assurance. It demonstrates that your organisation has a robust cybersecurity regime. It shows that controls are present to maintain a vigorous defence against Internet-based attacks.
We offer a standard fixed price for Cyber Essentials and a fixed tiered price model for Cyber Essentials Plus. The pricing is:
| Level | Scope | Cost excl VAT |
|---|---|---|
| Cyber Essentials | The business | £300.00 |
| Cyber Essentials Plus | Up to 50 devices | £1,500.00 |
| from 51 to 100 device | £2,050.00 | |
| More than 100 devices, built from a gold image | £2,700.00 | |
| More than 100 devices, not from a gold image | £3,550.00 |
A device is a company issued computing device that can be used to connect to and use internet based resources such as webpages, web applications etc. They key thing here is consider is the access to the internet. If the device has no access to the internet, and this is enforced by a technical control such as firewall or air gapped network, then that device can be considered out of scope.
A device can be any one of the following:
* via phone, email or discord
** during business hours, of the completed questionnaire
Hedgehog Cyber are authorised by IASME to perform certifications. We would be delighted to assist and support the achievement of your certificate.
You complete an online assessment questionnaire which is approved by a Senior Executive within your business. Upon submission, we will perform an independent review and verify your responses. If successful, we will award you the requisite certificate and badge that you can then use within your marketing material and can display on your company website. The process is reasonably rapid, and our average turnaround on reviewing the submission is 4 hours.
Following successful certification against the foundation level, you may apply for Cyber Essentials Plus certification, which must be within three months of completing the Cyber Essentials level. If the gap is longer than three months, then it must be re-certified.
Once the assessment scope is determined, we will arrange to either visit to your site by one of our consultants or send you one of our appliances. We will then conduct a range of external and internal technical verification tests of your network and web application security. For the external scans, we use our [secure] scanner platform. For the internal scans, we use either our appliance or a local copy of Nessus Professional on our consultant’s laptop.
We will assess several systems randomly chosen from the scope pool of machines. The scope pool is at least 10% of each different build. Our team will be able to advise you more about this.
As a result of the ongoing assessment, it may be necessary for us to advise you to make changes for you to attain the certification successfully. In some cases, we can perform those changes through our CISO team.
The average turnaround time for a Cyber Essentials Plus certification is 24 hours.
Ask us a question, any question at all. As long as it has to do with Information Security / Cyber Security, we will get back to you with an answer.
We have recently had questions on Penetration Testing scope generation, how to complete a risk register for ISO27001 and how to harden the Apache webserver.
Many businesses are using the #cloud to store essential documents. This allows an element of vulnerability, as other companies are involved in storing business data. Our #PenTest service can help find any weaknesses. Contact us for more details: https://t.co/YT78mRVdM4
Read More
@BBCNews reported @ScottishEPA has been subject to a #ransomware attack since Christmas Eve. Always back up your systems and ensure #CyberSecurity software is up to date! Let us keep your business safe - get in touch: https://t.co/TN7iCiyOEB
Read More
#CyberSurvivalTip Delete online accounts you havent used in the past 6 months. #h2sec
Read More© 2009 – 2020 Hedgehog Cyber Security. All Rights Reserved.
