Menu
Menu
Hedgehog Security has been delivering Cyber Essentials gap analysis, preparation, implementation and audit services since the inception of the standard. We will help any business achieve the UK Governments base level of Cyber Security after 2000 successful audits.
Hedgehog Security has over ten years of experience at the forefront of cybersecurity. Our CISO team had worked with some of the world’s largest and most complex businesses and industries. We have a deep understanding of both existing and emerging threats, as well as their rapidly changing tactics, techniques and procedures.
Our consulting practice is here to carry out all manner of Cyber Essentials services for your business.
We have over ten years of experience at the forefront of cybersecurity. Our CISO team had worked with some of the world’s largest and most complex businesses and industries. We have a deep understanding of both existing and emerging threats, as well as their rapidly changing tactics, techniques and procedures.
Our consulting practice is here to carry out all manner of Cyber Essentials services for your business.
Cyber Essentials is the Government-backed, industry-supported foundation for basic cybersecurity hygiene. The scheme guides organisations of any size in protecting themselves against cyber threats. You can read more about the government’s scheme here.
The foundation level is an independently verified self-assessment. You complete an online assessment questionnaire which is approved by a Senior Executive of your business. Upon submission, we will independently review and confirm your responses. If successful, we will award you the requisite certificate and badge that you can display on your company website.
The next stage of your security journey and involves both independent internal and external tests of your network and computers. You must have been awarded the foundation level certification in the last three months before you can proceed with accreditation.
Successful accreditation provides a higher level of assurance. It demonstrates that your organisation has a robust cybersecurity regime. It shows that controls are present to maintain a vigorous defence against Internet-based attacks.
We offer a standard fixed price for Cyber Essentials and a fixed tiered price model for Cyber Essentials Plus. The pricing is:
| Level | Scope | Cost excl VAT |
|---|---|---|
| Cyber Essentials | The business | £300.00 |
| Cyber Essentials Plus | Up to 50 devices | £1,500.00 |
| from 51 to 100 device | £2,050.00 | |
| More than 100 devices, built from a gold image | £2,700.00 | |
| More than 100 devices, not from a gold image | £3,550.00 |
A device is a company issued computing device that can be used to connect to and use internet based resources such as webpages, web applications etc. They key thing here is consider is the access to the internet. If the device has no access to the internet, and this is enforced by a technical control such as firewall or air gapped network, then that device can be considered out of scope.
A device can be any one of the following:
* via phone, email or discord
** during business hours, of the completed questionnaire
Hedgehog Cyber are authorised by IASME to perform certifications. We would be delighted to assist and support the achievement of your certificate.
You complete an online assessment questionnaire which is approved by a Senior Executive within your business. Upon submission, we will perform an independent review and verify your responses. If successful, we will award you the requisite certificate and badge that you can then use within your marketing material and can display on your company website. The process is reasonably rapid, and our average turnaround on reviewing the submission is 4 hours.
Following successful certification against the foundation level, you may apply for Cyber Essentials Plus certification, which must be within three months of completing the Cyber Essentials level. If the gap is longer than three months, then it must be re-certified.
Once the assessment scope is determined, we will arrange to either visit to your site by one of our consultants or send you one of our appliances. We will then conduct a range of external and internal technical verification tests of your network and web application security. For the external scans, we use our [secure] scanner platform. For the internal scans, we use either our appliance or a local copy of Nessus Professional on our consultant’s laptop.
We will assess several systems randomly chosen from the scope pool of machines. The scope pool is at least 10% of each different build. Our team will be able to advise you more about this.
As a result of the ongoing assessment, it may be necessary for us to advise you to make changes for you to attain the certification successfully. In some cases, we can perform those changes through our CISO team.
The average turnaround time for a Cyber Essentials Plus certification is 24 hours.
Ask us a question, any question at all. As long as it has to do with Information Security / Cyber Security, we will get back to you with an answer.
We have recently had questions on Penetration Testing scope generation, how to complete a risk register for ISO27001 and how to harden the Apache webserver.
Did you know #October is #CyberSecurity Awareness Month? It's a great opportunity to review your security mitigations - especially passwords! Our CEO @PeterBassill shares his top tips: https://t.co/76dpKg4ftK
Read More
AV Scan your computers today with a full scan. Make sure they are clean. #cybersecurity #tip for #CyberSecMonth #CybersecurityAwarenessMonth
Read More@SPCoulson We ask our marketing team that every time we discuss the schedule. We don't to it for the "likes" we do it to give back.
Read More© 2009 – 2020 Hedgehog Cyber Security. All Rights Reserved.
