top of page

Cyber Essentials for Financial and Property sector

The financial and property industries are lucrative targets for cyber criminals due to their handling of personal data and capital. However, Cyber Essentials can help even the playing field.

The Cyber Essentials scheme focuses on 5 key controls that work together to provide organisations with a baseline of cyber hygiene.

5 Cyber essentials controls

By following the guidelines around these controls, you can help improve the security of your organisation, which is especially important due to holding important customer data.

To review the controls set by the Cyber Essentials scheme in more detail, take a look at the Requirements for IT Infrastructure document which contains all of the relevant information.

How can achieving Cyber Essentials help my businesses?

Cyber Essentials can help in four major ways:

  1. By undertaking Cyber Essentials, you gain a much better understanding of your IT environment. This puts you in a better position to protect your business and employees.

  2. You can draw in new business by assuring them of your implemented cybersecurity measures.

  3. Cyber Essentials is a requirement for all government contracts. To become a supplier for this area, Cyber Essentials is mandatory.

  4. Cyber Essentials can fully or partially mitigate up to 99% of common cyber-attacks, meaning that if you meet the standard, you are less likely to fall victim as seen in the graphic below.

Pie chart showing impact of Cyber Essentials

How can I achieve cyber essentials?

By signing up for our free membership, you will be auto-enrolled on our free Little Steps Training Programme which delivers bite-sized practical information on how to build cyber resilience. Once you reach the end of the programme and implementing all of the guidance suggested, you will be well on the way to achieving Cyber Essentials (Online Programs | Eastern CRC ( ).

You can then contact us to be put in touch with one of our Cyber Essentials Partners who will gladly assist with your certification. For more information, visit Cyber Essentials Partners at the Eastern Cyber Resilience Centre (

Next Steps:

  1. Sign up to our free membership and start learning about key cyber resilience controls from our free Little Steps Training Programme.

  2. Contact us to be put in touch with our local Cyber Essentials Partners at Our Cyber Essentials Partners at the Eastern Cyber Resilience Centre (

  3. Check out the Cyber Essentials readiness toolkit to help you prepare for Cyber Essentials.

Reporting a live cyber-attack 24/7

If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day, 7 days a week.

Reporting a cyber-attack which isn't ongoing

Please report online to Action Fraud, the UK's national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need.

Report a phishing attack

If you suspect a phishing attack, please report it to the Suspicious Email Reporting Services (SERS) set up by the NCSC at:

Text messages can be forwarded to 7726


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the East is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page