Critical Security NOT Included in Cyber-Essentials

Integral IT - Critical Security NOT Included In Cyber-Essentials

Share This Post

Cyber Essentials is a fantastic way to start your business on its cyber security journey.  However, it is also missing some key factors that are not included within the Cyber Essentials framework.

Cyber Essentials is just that, the essentials. It covers only the bare minimum that your business should have in place to protect from cyber-attacks. If your business passes the Cyber Essentials testing, that does not mean that your company is sufficiently protected from hackers.  You should be doing a lot more to keep your data safe.

Although Cyber Essentials is a positive scheme, we believe a few things should be included in the framework as they are also ‘essential’. such as:

  • Backup and Recovery
  • Two-Factor Authentication
  • Cyber Awareness Training
  • Email Security

Backup and Recovery


Backing up data is a crucial step when it comes to cyber security. If your business suffered a cyber-attack without backup, the hacker could easily encrypt all of your data, leaving you unable to get it back. Recovery from a cyber-attack won’t be able to be done without this. This isn’t part of the Cyber Essentials as a necessity. It is only advised, and until January 2022, it wasn’t even mentioned. Backup being ‘advisory’ isn’t enough, and everyone should be doing it.

Two Factor Authentication


If you have access to two-factor authentication on your cloud login, you could reduce your chances of being hacked by 99.9%, according to, if you activate it. So indeed, this is counted as a cyber essential? Unfortunately, this is not, in fact, a part of the scheme’s framework, and two-factor authentication isn’t going to be a mandatory requirement until January 2023. At this point, only administrators are required to have two-factor authentication turned on. We recommend using two-factor whenever possible, especially on your cloud services such as Microsoft 365.

Cyber Awareness Training


Your business’s security is only as strong as your weakest team member’s security. If your employees are not trained in Cyber Awareness, this puts your business at a massive risk of success. They should all know how to spot a cybercrime attempt via email and be able to handle scam calls to reduce the risk of them falling victim to a hacker, or else they are putting the whole business in danger.

Email Security


Many cyber-attacks begin via emails. So what is to happen when a well-hidden dodgy email slips, though? Hackers can trick many people into putting their data and account details where they can steal them or having people click on links that cause malware to infect the computer. Having a secure email system will only stop the majority of scam emails, not all of them, so it is down to those whose email inboxes it is t be able to spot them and know how to deal with them. This can be done via Cyber Awareness Training.

Although Cyber Essentials is a great scheme that will undoubtedly help many businesses become much more secure. More actions should be taken to ensure security for your business and prevent cyber-attacks.

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

How quickly should you get your IT problems fixed?
IT Security

How Quickly Should Your IT Problems Get Fixed?

IT Problems are probably one of the most frustrating things that can happen within your business. What are you to do when you’ve got deadlines to meet, or you’re working from home and can’t access anything? Are you then expected to contact your IT support and wait? How long should you wait? The answers to

Hackers are Beating Multi-Factor Authentication

Just when your thought your cloud applications were secure by implementing multi-factor authentication, hackers are developing strategies to beat this defence. If you didn’t already know, Multi-factor authentication is an essential part of your IT security for logging into your devices and cloud applications. With multi-factor authentication, you need to enter your username and password

Scroll to Top