TFM Group is pleased to announce that as of this week we are a Cyber Essentials certified company. Cyber Essentials is a UK government information assurance scheme operated by the National Cyber Security Centre (NCSC) that encourages organisations to adopt good practice in information security. It includes an assurance framework and a simple set of security controls to protect information from threats coming from the internet.

It was developed in collaboration with industry partners, including the Information Security Forum (ISF), the Information Assurance for Small and Medium Enterprises Consortium (IASME) and the British Standards Institution (BSI), and is endorsed by the UK Government. It was launched in 2014 by the Department for Business, Innovation and Skills. The Cyber Essentials scheme has grown a lot since its first launch in 2014. Together with the “10 Steps to Cyber Security”, it has become an essential part of our cybersecurity toolkit.

The five main technical controls are:

  • Boundary firewalls and internet gateways
  • Secure configuration
  • Access control
  • Malware protection
  • Patch management

Cyber Essentials guidance breaks these down into finer details. These controls can be mapped against the controls required by ISO/IEC 27001, the Standard of Good Practice, and IASME Governance, although Cyber Essentials has a narrower focus, emphasising technical controls rather than governance, risk, and policy. Cyber Essentials certification has been required for suppliers to central UK government who handle certain kinds of sensitive and personal information.

The Cyber Essentials programme is intended to encourage adoption by businesses wishing to bid for government contracts. Insurers have also suggested that certified bodies may attract lower insurance premiums. Over 6,000 Cyber Essentials certificates have been awarded to businesses and organisations. To find out more about this scheme and its benefits to companies across the UK visit