Plain English guidance on Cyber Essentials, cyber insurance and the security controls UK SMEs need to get certified, insured and protected.
What UK SMEs pay for cyber insurance in 2026: typical premiums by size and sector, what drives the price, and how MFA, EDR and Cyber Essentials cut it.
Read more
What Cyber Essentials costs in the UK in 2026 by company size, plus the 27 April MFA rule that fails you on the spot if cloud MFA is off.
Read more
UK firms under £20m turnover get £25,000 of free cyber liability insurance with Cyber Essentials. Here is exactly how to qualify, opt in, and what it covers.
Read more
Free cyber insurance cost calculator for UK small businesses. Enter your turnover, staff, sector and security controls to get a realistic annual premium range.
Read more
Work out the real first-year cost of Cyber Essentials: the IASME assessment fee by company size, optional Plus audit, and the remediation spend, plus a check against the April 2026 auto-fail rules.
Read more
Estimate the true cost of a ransomware attack on a UK business: downtime, recovery, incident response, breach notification and the ransom decision, to help you right-size your cyber insurance cover.
Read more
Enter the date a high-risk or critical update was released and get the exact 14-day deadline to apply it under the 2026 Cyber Essentials rules, plus a check of whether you are assessed under Willow or Danzell.
Read moreGetting cyber insurance or Cyber Essentials certified has become a maze of jargon, and most UK businesses don’t have a security team to make sense of it. We explain it in plain English: what cover actually pays out for, what the certification questions really mean, and the specific controls insurers now check before they’ll quote you.
This site is for owners, office managers and IT leads at firms with roughly 5 to 250 staff who need to get insured or certified without hiring a specialist. We walk through Cyber Essentials and Cyber Essentials Plus, compare cyber liability policies, and break down the controls that keep coming up on insurer questionnaires: multi-factor authentication, EDR, tested backups, patching and access management.
Brokers and IT providers researching on a client’s behalf will find the same detail here, written to be quoted to a non-technical board. No scare tactics and no sales pitch, just the steps that get you certified, insured and genuinely harder to attack.