What is Cyber Essentials?
Cyber Essentials is a UK government-backed certification scheme designed to help organisations of all sizes protect themselves against the most common cyber threats. Launched by the National Cyber Security Centre (NCSC), it provides a clear, practical framework of five technical controls that, when implemented correctly, can prevent the vast majority of opportunistic cyber attacks.
Think of it as the cyber security equivalent of locking your front door and fitting an alarm. It won’t stop every determined attacker, but it will make your business a far less attractive target than one with no protections in place at all.
The 5 Cyber Essentials Technical Controls
To achieve Cyber Essentials certification, your organisation must demonstrate compliance with five core technical controls:
- Firewalls – Ensuring your internet connection is protected by a properly configured firewall that controls what traffic can enter and leave your network.
- Secure Configuration – Making sure your devices and software are set up securely, with unnecessary features disabled and default passwords changed.
- User Access Control – Limiting user access to the minimum required to do their job, and ensuring administrative privileges are tightly controlled.
- Malware Protection – Installing up-to-date anti-malware software to prevent malicious software from running on your devices.
- Patch Management – Keeping your operating systems, software and firmware up to date by applying security patches promptly, usually within 14 days of release.
These five controls address the most common attack vectors used by cyber criminals — and the NCSC estimates they can block around 80% of the most prevalent attacks.
Cyber Essentials vs Cyber Essentials Plus
There are two levels of Cyber Essentials certification:
- Cyber Essentials – A self-assessment questionnaire reviewed and verified by a certifying body. Your organisation answers questions about its security controls, which are then independently checked. This is the entry-level certification and is suitable for most SMEs.
- Cyber Essentials Plus – Everything in Cyber Essentials, plus an independent technical audit carried out by a qualified assessor. This involves hands-on testing of your systems to verify the controls are working as claimed. Cyber Essentials Plus provides a higher level of assurance and is increasingly required for larger contracts.
For most small and medium-sized businesses, Cyber Essentials provides an excellent starting point — and achieving it is simpler than many expect, particularly with the right IT partner guiding the process.
Who Needs Cyber Essentials Certification?
Cyber Essentials is not yet a legal requirement for most businesses, but it is increasingly being mandated in specific contexts:
- Government contracts – All suppliers handling personal data or providing technical services to the UK government must hold Cyber Essentials certification.
- NHS and public sector supply chains – Many NHS trusts and public sector bodies now require Cyber Essentials from suppliers as standard.
- Defence contracts – Businesses working within the Ministry of Defence supply chain are typically required to hold Cyber Essentials Plus or higher.
- Cyber insurance – A growing number of insurers require Cyber Essentials as a minimum standard before issuing cyber liability cover.
Beyond contractual requirements, Cyber Essentials gives your clients confidence that you take data protection seriously — which is particularly valuable for businesses handling sensitive customer information.
How Much Does Cyber Essentials Cost?
The cost of Cyber Essentials certification varies depending on the size of your organisation and the certifying body you use. As a guide:
- Cyber Essentials (self-assessment) – typically from around £300 to £500 for small businesses, though fees vary by certifying body.
- Cyber Essentials Plus – typically £1,500–£3,000+ depending on organisation size, as it requires an on-site (or remote) technical assessment.
These figures don’t include the cost of any remediation work needed to bring your IT infrastructure into compliance before you submit for assessment. This is where working with an experienced managed IT provider can save you significant time and money.
How to Prepare for Cyber Essentials
Preparation is key to a smooth Cyber Essentials assessment. Common areas where businesses need to address gaps before certification include:
- Outdated software or operating systems that are no longer receiving security patches (Windows 10 end-of-life is a current concern for many SMEs)
- Flat network architectures with no segmentation or boundary firewall
- Excessive user privileges — staff accounts with local administrator rights that aren’t needed
- No multi-factor authentication (MFA) on cloud services like Microsoft 365
- Inconsistent or absent patch management processes
A gap analysis before the formal assessment can identify these issues in advance, giving you time to remediate without the risk of a failed submission.
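As an added illustration (not part of the original article or any Attenu8 tooling), the read-only PowerShell script below checks a single Windows 10/11 endpoint against the five controls listed above, using the page's 14-day patch window and flagging the common gaps the preparation list names (disabled boundary firewall, unnecessary local administrator rights, stale patching). It assumes the built-in Defender, NetSecurity and LocalAccounts modules are present; MFA on cloud services like Microsoft 365 cannot be verified locally and is out of scope here.

```powershell
# Cyber Essentials endpoint gap check (illustrative example, not the scheme's own tooling).
# Read-only: it reports findings and changes nothing. Assumes Windows 10/11 with Defender.
$PatchWindowDays = 14   # patch window the scheme expects for security updates
$findings = [System.Collections.Generic.List[string]]::new()

# Control 1: Firewalls - every profile (Domain/Private/Public) should be enabled
Get-NetFirewallProfile | Where-Object { -not $_.Enabled } | ForEach-Object {
    $findings.Add("Firewall profile '$($_.Name)' is disabled")
}

# Control 2: Secure configuration - the built-in Guest account should be disabled
Get-LocalUser | Where-Object { $_.Name -eq 'Guest' -and $_.Enabled } | ForEach-Object {
    $findings.Add("Built-in Guest account is enabled")
}

# Control 3: User access control - every local Administrators member needs a justification
foreach ($m in Get-LocalGroupMember -Group 'Administrators') {
    # Members are reported as COMPUTER\Name; only the built-in Administrator is expected
    if ($m.Name -notmatch '\\Administrator$') {
        $findings.Add("Local administrator rights held by '$($m.Name)' ($($m.ObjectClass))")
    }
}

# Control 4: Malware protection - Defender real-time protection on, signatures fresh.
# If a third-party AV is in use instead, Get-MpComputerStatus will not reflect it.
$mp = Get-MpComputerStatus
if (-not $mp.RealTimeProtectionEnabled) { $findings.Add("Defender real-time protection is off") }
if ($mp.AntivirusSignatureLastUpdated -lt (Get-Date).AddDays(-7)) {
    $findings.Add("AV signatures last updated $($mp.AntivirusSignatureLastUpdated)")
}

# Control 5: Patch management - most recent installed update older than the 14-day window.
# Get-HotFix is a heuristic: it lists Windows updates, not third-party application patches.
$lastPatch = Get-HotFix | Where-Object InstalledOn |
    Sort-Object InstalledOn -Descending | Select-Object -First 1
if (-not $lastPatch -or $lastPatch.InstalledOn -lt (Get-Date).AddDays(-$PatchWindowDays)) {
    $findings.Add("No Windows update installed in the last $PatchWindowDays days (last: $($lastPatch.InstalledOn))")
}

# Report
if ($findings.Count -eq 0) {
    Write-Output "No gaps found against the five controls on $env:COMPUTERNAME"
} else {
    Write-Output "Gaps found on $env:COMPUTERNAME:"
    $findings | ForEach-Object { Write-Output " - $_" }
}
```

Run it from an elevated PowerShell prompt on each endpoint before the formal assessment; it surfaces local gaps only and does not replace the self-assessment questionnaire or an assessor's testing.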
How Attenu8 Can Help You Achieve Cyber Essentials
At Attenu8, we’ve supported businesses across Hertfordshire, London and Essex through the Cyber Essentials certification process. Our approach covers the full journey — from an initial gap analysis to identify where your current IT setup falls short, through to remediation, submission support and ongoing maintenance of the required controls.
Because we manage IT infrastructure for our clients day-to-day, many of the Cyber Essentials requirements are already in place as part of our standard managed cyber security service — including patch management, endpoint protection, MFA deployment and firewall management. This means the path to certification is often shorter than businesses expect.
If you’re looking to achieve Cyber Essentials for the first time, renew an existing certificate, or understand what’s involved before committing, we’re happy to talk it through. Get in touch with the Attenu8 team for a free, no-obligation conversation about your options.