Cyber Essentials


Cyber Essentials is a Government backed scheme that will help you to protect your firm, whatever its size, against a range of the most common cyber-attacks.  Cyber Essentials helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security.

What is Cyber Essentials and what must you do?

Cyber essentials focuses upon five technical controls which were identified by the government as those that, if they had been in place, would have stopped the majority of the successful cyber-attacks over the last few years.

These technical controls are:

  • Firewalls
  • Security settings for your devices and software
  • Access Control
  • Viruses and Malware
  • Devices and Software
  • Levels of Engagement

Levels of Engagement

As a minimum, all firms should understand and act on the five technical controls listed above. Given that firms in the legal sector control sensitive personal information it is recommended that accreditation is achieved.

There is a self-assessment option available which is simple and costs around £300.  Firms can opt to buy in assistance to achieve accreditation if they need it.

Cyber Essentials Plus covers the same areas but verification of your cyber security is undertaken independently by a Certification Body.


We provide further information about Cyber Essentials in our GDPR training course packs which may be downloaded from our Resources page.


DG Legal can provide expert advice & assistance in helping firms become accredited at the standard or advanced level. Consultancy and assessment together cost around £1500.  For further details or to arrange to speak to one of our consultants, please contact us by email.

Get in touch

If you would like further information on any of the services mentioned on this site or would like to arrange a discussion with one of our consultants, please send an email or contact us by completing this form.

Any data that you submit using this web form will be held by our firm as Data Controller and will be held securely for 12 months before being securely and confidentially destroyed. Your data will not be disclosed to any third parties without your consent or as otherwise allowed by the General Data Protection Regulation and will only be used for responding to your query (or purposes associated with that purpose).  You have the right to be informed about what data we hold about you along with other rights set out in the legislation. Further information about your rights under the data protection legislation can be found at
For further information, please see our Data and Privacy Notice