• Home Insights Government’s Cyber Essentials survey – key findings for SMEs
13 Jan 2025

Government's Cyber Essentials survey – key findings for SMEs

In October 2024, the National Cyber Security Centre’s Cyber Essentials certification celebrated its 10th anniversary. This government initiative sets the baseline for cyber security in the UK. It aims to make the UK one of the safest digital spaces for business.

The government recently published Cyber Essentials Impact Evaluation which highlights the scheme’s benefits. Notably, 85% of users reported increased cyber security awareness in their businesses. But what does this mean for SMEs in the UK?

Key findings of the report

The survey found that 88% of organisations holding Cyber Essentials certification felt better equipped to manage cyber risks. Interestingly, increased awareness can initially cause more anxiety about cyber-attacks, but this is a positive step. It’s easier to protect against threats you know about.

For SMEs, who are often prime targets for cyber criminals, developing cyber-threat awareness and risk management is essential. Cyber Essentials helps SMEs integrate good cyber security practices into daily risk management.

Leadership buy-in

Bridging the gap between IT and the wider business can be complex. The Cyber Essentials certification has strengthened senior management’s understanding of cyber security risks. In fact, 86% of respondents said that the scheme had improved engagement from senior management. Additionally, 71% agreed that cyber security is now taken more seriously.

Buy-in for cyber security programmes is a critical factor for success. It ensures that cyber security receives the necessary resources and funding. It brings in specialised knowledge of the business to make sure that cyber security measures are aligned to business goals.

Continuous improvement

The report states that 76% of certifying organisations have implemented additional cyber security measures.

Like many business processes, cyber security follows a life cycle. This process is part of a maturity journey where organisations continuously improve their cyber security standards.

For organisations looking to certify, the scheme recognises that incremental progress brings the greatest long-term benefit. Cyber Essentials acts as a springboard for your cyber security. It drives long term improvement resulting in the greatest wins for SMEs.

How to get Cyber Essentials certified

Start with a Cyber Essentials self-assessment, which can be supported by an accredited certification body. After the self-assessment, a Cyber Essentials auditor will review your organisation and give feedback on improvements and how to further align to the standard.

You will then be issued with a certificate that is valid for 12 months. The standard is updated annually to protect against new threats.

How can we help?

PKF Francis Clark is an accredited certification body of the IASME Consortium responsible for delivering the NCSC Cyber Essentials standard. We can support you throughout the certification process. For more information, contact our cyber security director, Phil Osgathorpe, for a free initial conversation.


This field is for validation purposes and should be left unchanged.
GDPR permissions

Latest news

Three individuals in business attire are seated around a table, engaged in a discussion while looking at a laptop and holding documents with charts.

Pillar 2: What you need to know before 30 June 2026

15 April 2026

Read
business people sit around a table and one, a man stands talking, they are in a modern office and all wearing smart suits

Our response to the key elements of the latest SRA consultation

15 April 2026

Read
A coffee shop worker fills in paper work while sated at a high bar.

R&D claim notification form deadlines: When and how to submit

14 April 2026

Read

From employee to partner: What new law firm members need to know

14 April 2026

Read
One man tests out his latest technological innovation while a second man writes down the data.

Contracted out R&D vs externally provided workers: understanding the key differences

13 April 2026

Read
Nick Harris in a suit and open necked shirt

Nick Harris and Lucinda Coleman appointed liquidators of Troax Lee Manufacturing Limited

9 April 2026

Read
Audit partner Mike Hall at Bristol harbourside

International audit specialist promoted to partner at our growing Bristol office

9 April 2026

Read
A casual business meeting between three people

Common EMI questions we see in practice

7 April 2026

Read

Selling shares in your company: Understanding the income tax trap 

1 April 2026

Read
A calendar with the last date of the month circled - it has 'pay day' written on it with a smiley face.

Payroll compliance: Navigating upcoming changes and reforms

1 April 2026

Read
Three people in business attire are seated at a desk in an office, reviewing a document together. The person on the left is pointing at the document while the other two look on attentively.

National minimum wage underpayments and how to prevent them

31 March 2026

Read
Six secondary school students sitting in class whilst two students have their hands up to answer a question.

Academies Accounts Direction 2025 to 2026 published

30 March 2026

Read