Get Cyber Essentials ready in 2 hours
BrightCert guides UK SMEs through a plain-English Cyber Essentials readiness assessment, highlights what needs attention, and creates a practical report before you apply for certification.
No confusing forms. No expensive consultancy-first process. Just clear questions, smart analysis, and a step-by-step view of what to fix next.
Built for UK businesses preparing for Cyber Essentials.
Acme Ltd
Assessment completed
Priority fixes
- Enable MFA across cloud services
- Review admin user access
- Confirm security update process
Unlock full report for £199
Designed for UK SMEs preparing for Cyber Essentials
Plain-English questions
No jargon-heavy compliance language.
AI-assisted gap analysis
Clear scoring across the five control areas.
Practical remediation report
Know what to fix before applying.
UK-specific guidance
Built around Cyber Essentials, GBP pricing, and SME needs.
The Problem
Cyber Essentials can feel harder than it should
For many small businesses, Cyber Essentials starts with a simple goal: prove that your organisation takes cyber security seriously. But the preparation process can quickly become confusing. That uncertainty often leads to delays, guesswork, or expensive consultancy before you even understand the gaps.
You are not sure where you stand
You know Cyber Essentials matters, but you do not have a clear view of how close your business is to being ready.
The language feels technical
Firewalls, secure configuration, access control, malware protection, patching — the requirements are important, but they are not always explained in a way SMEs can act on quickly.
Consultants can be expensive
Many businesses only find out what needs fixing after paying for external help. BrightCert gives you a clear readiness picture first.
Your team needs next steps
A score alone is not enough. You need a practical list of what to fix, why it matters, and what to do next.
The Solution
A clearer way to prepare for Cyber Essentials
BrightCert turns Cyber Essentials preparation into a guided, step-by-step process.
You answer simple questions about your organisation, devices, users, software, and security controls. BrightCert analyses your responses across the five Cyber Essentials control areas and gives you a readiness score, plain-English gap findings, and prioritised remediation steps.
Start Your Readiness AssessmentHow It Works
From uncertainty to action in four clear steps
Answer simple questions
Complete a guided assessment covering the five Cyber Essentials control areas. Each question is written in plain English, with helpful context where needed.
Answer honestly. The goal is not to look perfect — it is to understand what needs fixing before you apply.
Get your readiness score
BrightCert analyses your answers and scores your organisation across the core Cyber Essentials areas.
See your overall readiness score and understand which areas are strong, weak, or incomplete.
Review your gaps
Your results show where your business may fall short, with clear explanations and practical next steps.
No alarmist language. Just clear findings, prioritised by what matters most.
Unlock your full report
Pay £199 to unlock your full readiness report, including detailed gap analysis, remediation actions, and a preparation summary.
Use the report to fix issues internally or prepare for your application with a Certification Body.
The Five Control Areas
Built around the Cyber Essentials requirements
Cyber Essentials focuses on five technical control areas that help protect organisations from common internet-based cyber threats. BrightCert structures your assessment around these same five areas.
Area 1
Boundary Firewalls & Internet Gateways
- Whether firewalls are in place
- Whether default settings have been changed
- Whether inbound access is controlled
- Whether unnecessary services are exposed
- Whether network boundaries are understood
Area 2
Secure Configuration
- Whether default passwords are changed
- Whether unused accounts are removed
- Whether unnecessary software is disabled
- Whether devices are configured consistently
- Whether secure setup processes are documented
Area 3
User Access Control
- Whether users have only the access they need
- Whether admin accounts are limited
- Whether leavers are removed quickly
- Whether multi-factor authentication is used
- Whether access is reviewed regularly
Area 4
Malware Protection
- Whether anti-malware protection is active
- Whether protection is kept up to date
- Whether application controls are used
- Whether users can install software freely
- Whether mobile and desktop devices are covered
Area 5
Security Update Management
- Whether security updates are applied promptly
- Whether unsupported software is removed
- Whether operating systems are still supported
- Whether update responsibilities are clear
- Whether patching is tracked across devices
What You Get
A practical readiness report, not another vague checklist
BrightCert does more than ask questions. It turns your answers into a clear picture of your Cyber Essentials readiness, so your business can take action with confidence.
Readiness score
See your overall readiness level at a glance, with clear pass, warning, and fail indicators across each control area.
Your score helps you understand whether you are close to applying or whether key gaps need attention first.
Control-by-control analysis
Break down your results across all five Cyber Essentials areas, so you know exactly where the risks are.
Instead of one generic result, BrightCert shows which parts of your setup are strong and which need work.
Plain-English gap findings
Understand what each issue means without needing to be a cyber security expert.
BrightCert explains findings in simple language, helping business owners and IT providers act quickly.
Prioritised remediation steps
Get a clear action list showing what to fix first.
Each recommendation helps your team move from 'we know there is a problem' to 'we know what to do next.'
Downloadable PDF report
Unlock a professional report you can save, share, and use as part of your preparation process.
The report gives your team a structured summary of your readiness, key gaps, and recommended next steps.
Built for UK SMEs
BrightCert is designed for UK businesses that want practical guidance without unnecessary complexity.
The language, pricing, structure, and compliance context are UK-specific from the start.
Your Report
Know what to fix before you apply
Your BrightCert report gives you a structured view of your Cyber Essentials readiness. It is designed to help you understand your current position, share findings with the right people, and work through improvements before applying for official certification.
- Executive summary — A simple overview of your readiness score, strongest areas, and main risks.
- Five control area scores — A breakdown of your performance across the five Cyber Essentials control areas.
- Gap analysis — Clear explanations of where your current setup may not meet expected requirements.
- Priority action plan — A practical list of recommended fixes, ordered by importance.
- Preparation notes — Helpful guidance to support your next steps before working with a Certification Body.
- PDF download — A professional copy of your report that can be saved, shared, or reviewed with your team.
Pricing
Simple pricing for Cyber Essentials preparation
Start with a guided readiness assessment. Upgrade only when you need ongoing monitoring, CE Plus preparation, or partner features.
Assessment
one-time
Best for UK SMEs preparing for Cyber Essentials and wanting a clear view before applying.
- Guided CE readiness assessment
- Questions across all five control areas
- AI-assisted scoring and gap analysis
- Overall readiness score
- Control-by-control results
- Prioritised remediation steps
- Downloadable PDF report
- Plain-English preparation guidance
Complete first. Pay when you're ready to unlock.
Monitor
/month
Businesses that want ongoing visibility after their initial readiness report.
- Monthly readiness review
- Saved assessment history
- Ongoing remediation tracking
- Updated action list
- Report access
- Renewal preparation support
CE Plus Pack
one-time
Businesses preparing for Cyber Essentials Plus before technical testing.
- CE Plus preparation checklist
- Evidence collection guidance
- Device and system readiness review
- Remediation planning
- Internal preparation summary
- Priority support
MSP Partner
/month
MSPs supporting multiple UK SME clients with Cyber Essentials preparation.
- Multi-client dashboard
- Client assessment tracking
- Readiness reports
- Partner workflow tools
- Client remediation visibility
- MSP-focused reporting
Why BrightCert
Understand your gaps before you spend more
Traditional consultancy can be valuable, especially for complex organisations. But many SMEs first need a clear answer to a simpler question:
Are we ready, and what do we need to fix?
| Without BrightCert | With BrightCert |
|---|---|
You may not know where to begin | Start with a guided assessment |
Technical language can slow you down | Questions are written in plain English |
You may pay for advice before knowing the gaps | See your readiness position first |
Findings can be scattered across emails or calls | Get a structured PDF report |
Teams may not know what to fix first | Receive prioritised remediation steps |
Progress can feel unclear | Track score, status, and next actions |
Who It Is For
Built for the businesses that need clarity fast
BrightCert is designed for UK SMEs that need to prepare for Cyber Essentials without turning the process into a long, technical project.
Small business owners
You need to show customers, suppliers, or partners that your business takes cyber security seriously — but you do not have a large internal IT team.
Operations managers
You have been asked to prepare for Cyber Essentials and need a structured way to collect answers, spot gaps, and organise next steps.
IT providers
You support clients who need Cyber Essentials preparation and want a repeatable way to assess readiness before formal application.
Growing suppliers
You are bidding for work where Cyber Essentials is expected or required, and you need to understand whether your business is ready.
Trust & Clarity
Clear guidance without false promises
BrightCert is careful about what it does — and what it does not do. We help you prepare for Cyber Essentials by assessing your readiness, identifying gaps, and creating a practical report. We do not issue the official Cyber Essentials certificate. Official certification is handled through IASME Certification Bodies.
Preparation, not certification
BrightCert helps you understand your readiness before applying. It does not replace the official certification process.
Plain-English explanations
Every finding is written to help non-technical business users understand what needs attention.
Practical next steps
Your report focuses on action, not fear.
UK-specific product
BrightCert is built for UK SMEs preparing for a UK cyber security scheme.
Readiness assessment — not official certification
BrightCert helps UK businesses prepare for Cyber Essentials by assessing readiness, identifying gaps, and producing a practical report. BrightCert does not issue the official Cyber Essentials certificate. Official certification must be completed through an IASME-licensed Certification Body.
FAQs
Common questions
Does BrightCert issue the official Cyber Essentials certificate?
No. BrightCert provides readiness assessment and preparation support. Official Cyber Essentials certification must be completed through an IASME-licensed Certification Body.
Do I need to pay before starting the assessment?
No. You can complete the full assessment first. Payment of £199 is required only when you want to unlock your full readiness report and PDF download.
How long does the assessment take?
Most businesses can complete the assessment in around 2 hours. You can save your progress and return at any time.
What happens after I complete the assessment?
BrightCert analyses your responses across the five Cyber Essentials control areas and shows you an overall readiness score. You can then unlock the full report for £199 to see your gaps, remediation steps, and preparation guidance.
Is BrightCert suitable for non-technical users?
Yes. BrightCert is designed to explain Cyber Essentials preparation in plain English. You do not need to be a cyber security expert to complete the assessment.
Can I share the report with my IT provider?
Yes. The PDF report is designed to help internal teams, external IT providers, and business owners understand what needs attention and what to do next.
Is this only for UK businesses?
Yes. BrightCert is built specifically for UK SMEs preparing for Cyber Essentials, which is a UK-specific cyber security certification scheme managed by the NCSC.
What are the five Cyber Essentials control areas?
They are: 1. Boundary Firewalls & Internet Gateways, 2. Secure Configuration, 3. User Access Control, 4. Malware Protection, and 5. Security Update Management. BrightCert covers all five.
Do you store my answers securely?
Yes. Your assessment responses are stored securely and used only to generate your readiness report. We do not share your data with third parties.
What is the difference between Cyber Essentials and Cyber Essentials Plus?
Cyber Essentials is a self-assessed questionnaire reviewed by a Certification Body. Cyber Essentials Plus also includes an external technical verification. BrightCert currently supports preparation for both, with specific CE Plus guidance in the CE Plus Pack.
Find out how ready your business is
Complete your Cyber Essentials readiness assessment, review your score, and unlock a practical report showing what to fix next.