A Complete Solution for Cyber Security Compliance
Protecting your business shouldn't be stressful. SafeWatch secures your entire team, from board-level executives to frontline staff. While we are based right here in the Midlands, we provide official Cyber Essentials and Cyber Essentials Plus certification audits to organizations across the entire UK. Led by Lead Assessor Steven Gordon, we make compliance simple, collaborative, and stress-free—request a scoping review or explore our training today.
Cyber Essentials Auditing: Midlands & UK-Wide
Welcome to SafeWatch, a licensed IASME Certifying Body based in the Midlands but providing compliance verification across the entire UK. Whether you are in Oxfordshire, Warwickshire, London, Manchester, or beyond, we make cyber compliance straightforward. By auditing and signing off your Cyber Essentials perimeters, we help protect your organization, satisfy UK government supply chain mandates, and build lasting trust with your clients.
Steven Gordon
Lead Assessor & Cyber Security Partner
With over 30 years of IT infrastructure and governance experience, Steven brings practical expertise to your certification journey.
Based right here in the Midlands, Steven personally guides local SMEs, science parks, and tech firms through their scoping boundaries, while also delivering remote audit support to clients throughout the UK. He is dedicated to making the auditing process simple, transparent, and collaborative for your team, regardless of where they are located.
Official IASME Certifying Body
As a licensed certifying body, we are authorized to evaluate your perimeters and award official UK credentials:
- Cyber Essentials: Marking and signing off on your official self-assessment perimeters.
- Cyber Essentials Plus: Conducting physical and logical technical audits of systems and endpoints.
Government Commits £90 Million to SME Cyber Security
The UK Government has committed a landmark £90 million funding package to establish Cyber Essentials as the baseline standard for all UK Small & Medium Enterprises (SMEs). This highlights the critical need for securing internet perimeters, enforcing MFA, and training staff. As an accredited certifying body, SafeWatch helps Midlands SMEs prepare for their Cyber Essentials Plus audits and calculate scoping boundaries.
The 5 Core Technical Controls of Cyber Essentials
SafeWatch audits organizations against the five technical perimeters specified under the latest Cyber Essentials Standard. All certified systems must successfully enforce these controls:
Boundary Firewalls & Internet Gateways
Enforce strict corporate firewall perimeters to protect all internal network segments, WAN gateways, and subnets. Any open ports or misconfigured router access lists represent immediate vulnerabilities and will result in automatic audit failure.
Secure Configuration
Eliminate security drift by enforcing corporate templates that disable default manufacturer accounts, enforce complex custom logins, shut down unnecessary auto-run properties, and lock down active protocols.
User Access Control & MFA Mandate
Limit administrative accounts exclusively to core needs and enforce least-privilege. Under the Danzell Standard, Multi-Factor Authentication (MFA) must be active across 100% of user and admin logins for cloud services (SaaS/PaaS/IaaS) holding corporate records.
Malware Protection
Protect organizational systems against malicious code. Audits verify that all endpoints run active anti-malware software, utilize application sandboxing, and configure strict code signing to block untrusted applications.
Security Patch Management
Establish strict administrative policies ensuring all operating systems, software packages, and firewalls are patched within 14 days of a critical or high-risk vulnerability release, mitigating zero-day exploits.
SafeWatch Cyber Essentials Defense Shield & Core Pillars
Visual schematic detailing the structural cybersecurity defense columns and statutory governance shields that form a compliant corporate posture.
Accredited Cyber Essentials & Cyber Essentials Plus Audit Cost
As a licensed IASME Certifying Body, SafeWatch provides clear, upfront pricing for your NCSC Cyber Essentials and Cyber Essentials Plus audit cost, alongside certified training and scoping advisory packages.
Cyber Essentials Self-Assessment
SafeWatch reviews, verifies, and signs off on your official NCSC Self-Assessment Questionnaire, providing the foundational digital shield.
- Official IASME Portal Access
- Pre-submission compliance review by Steven Gordon
- Verification & formal NCSC Certification
- £25k Financial Liability Indemnity (if compliant)
Cyber Essentials Plus Audit
Rigorous physical and logical technical validation audit. SafeWatch assessors actively audit your endpoints and network perimeters to mark you as fully compliant.
Price On Application
POAPricing is customized based on active endpoints, server counts, physical site scope, and teleworking distribution. Click below to generate a tailored scoping estimate.
- All Self-Assessment marking included
- External vulnerability scans by certified SafeWatch auditors
- On-site or remote endpoint configuration checks
- Email delivery & malware prevention testing
- Official Cyber Essentials Plus certification signing
Audit Readiness & Training Support
Support courses and ongoing chief advisory retainers to assist internal IT teams in passing the Cyber Essentials audits marked by SafeWatch.
SafeWatch NCSC Auditing Process Lifecycle
SafeWatch assessors guide your business through a structured four-stage regulatory pathway to verify your technical perimeters and award the official IASME Cyber Essentials credentials.
SafeWatch Accredited Compliance Training Pathway
Operational milestone blueprint for corporate administrators and compliance officers tracking certification audits and risk advisory levels.
The 5 Security Controls of Cyber Essentials
By implementing these five fundamental technical controls, organizations block over 80% of common internet threats. Let's break down how each control keeps you secure and compliant.
Firewalls & Internet Gateways
Create a secure perimeter barrier between your internal network and the public internet to block unauthorized incoming traffic.
- Change default firewall admin passwords
- Block all unapproved inbound connections
- Ensure outbound rules restrict unsafe destinations
Secure Configuration
Hardening system settings to reduce vulnerability surfaces. Turn off defaults that leave your devices exposed.
- Disable unused ports and auto-run features
- Uninstall unnecessary default programs
- Change all manufacturer default passwords
User Access Control
Enforcing the Principle of Least Privilege. Only grant administration rights to those who absolutely need them.
- Standard users must not have admin privileges
- Restrict software installation rights
- Enforce Multi-Factor Authentication (MFA)
Malware Protection
Keep malicious code from executing. Protect your endpoints from virus, worm, and ransomware infections.
- Deploy active antivirus scanning software
- Enable OS app store verification (sandboxing)
- Block known untrusted browser extensions
Patch Management
Closing known security backdoors. Keep all operating systems and software updated to block active exploits.
- Install critical updates within 14 days of release
- Remove out-of-support legacy applications
Are Your Controls Ready for Audit?
Take our interactive Gap Diagnostic to check your compliance status across all 5 controls in under 5 minutes.
Cyber Essentials for Businesses & Enterprises
Secure government contracts, satisfy corporate supply chain mandates, and protect your commercial brand from devastating ransomware and intellectual property theft.
Bidding for Tenders & Securing Supply Chains
Under the UK Cabinet Office Procurement Policy Note (PPN 09/14), Cyber Essentials is a statutory mandate for any business bidding for central government contracts that involve handling personal or sensitive data. In the private sector, major enterprises across Oxfordshire and Warwickshire now require Cyber Essentials from all suppliers to isolate third-party supply chain liabilities.
Critical Cyber Threats Targeting UK Businesses
Commercial estates face targeted, financially-motivated attack vectors daily:
Ransomware & Cryptolocking Extortion
Infiltrating corporate networks via compromised endpoints, encrypting databases and billing files, and demanding massive ransom payments to restore operational status.
Intellectual Property & R&D Exfiltration
Malicious competitor or state-sponsored espionage actors stealing proprietary designs, CAD files, and chemical formulas to erase your market advantage.
Supply Chain & Vendor Account Takeovers
Exploiting weak supplier email security (MFA omissions) to hijack active billing threads and redirect legitimate B2B invoice transfers to fraudulent bank accounts.
Key Corporate Benefits
- Tender Readiness: Qualify immediately for UK Crown Commercial framework bids.
- Insurance Discounts: Lower corporate cyber liability insurance premiums by proving technical controls.
- GDPR Safeguarding: Mitigate legal liability fines (up to 4% of global turnover) under the DPA.
Corporate Scoping Audit Reviews with Steven Gordon
Scoping corporate IT perimeters is notoriously complex. Defining guest Wi-Fi networks, remote work connections, and cloud tenants incorrectly will trigger automatic audit failures under the latest Cyber Essentials Standard framework. SafeWatch Principal Assessor Steven Gordon personally reviews your estate scope to ensure 100% compliance alignment, delivering a stress-free certification pathway.
How an Open RDP Port Led to Manufacturing Shutdown
The Incident: A manufacturing enterprise in Warwickshire suffered a complete operational shutdown for six days following a ransomware infection. An attacker discovered a legacy server running Remote Desktop Protocol (RDP) exposed directly to the public internet on default port 3389, without a firewall constraint. The attacker compromised the server, moved laterally, and encrypted billing records, manufacturing control logs, and CAD templates, costing the firm £280,000 in recovery expenses and lost contracts.
How Cyber Essentials Would Have Prevented It:
- Boundary Firewalls & Internet Gateways: The framework strictly forbids exposing administrative services (like RDP, SSH, or SMB) directly to the open internet. Public-facing ports must be shut down or restricted behind a secure VPN.
- Secure Configuration & Default Protocol Hardening: Mandates disabling legacy protocols, closing non-essential ports, and enforcing custom admin profile criteria across all endpoints.
- Patch Management: Enforces updating all internet-facing perimeters and system firmware within 14 days of security vulnerability releases.
Cyber Essentials for Charities & Non-Profits
Protect donor financial transactions, safeguard sensitive beneficiary case files, and secure unmanaged volunteer personal devices from advanced social engineering.
Donor Trust, GDPR Compliance, and Information Asset Auditing
Charities are prime targets for cyber criminals because they handle high volumes of sensitive personal data (PII) and financial donations, often without full-time IT security staff. Under the UK General Data Protection Regulation (UK GDPR) and Data Protection Act (DPA 2018), trustees must enforce strict data boundaries and maintain an up-to-date Information Asset Register mapping all personal, donor, and beneficiary data. Achieving Cyber Essentials validates the technical perimeters guarding these critical assets, reassuring grant bodies and the public that funding and data are secure.
The Volunteer & BYOD Challenge
Securing a charity is uniquely complex due to a revolving, temporary volunteer workforce. Unlike employees, volunteers rarely undergo structured IT training, access cloud databases using unpatched personal laptops (BYOD), and lack centralized corporate accounts.
SafeWatch helps you configure lightweight Mobile Device Management (MDM) rules and session limits to isolate database access, securing your endpoints without compromising personal privacy.
Critical Cyber Hazards Targeting Charities
Criminals exploit the trust-oriented, high-activity non-profit sector:
Spear-Phishing & CEO Donation Scams
Phishing campaigns that mimic trustees or CEOs to trick finance coordinators into transferring charity program funding to overseas criminal accounts.
Exfiltration of Sensitive Beneficiary Records
Targeting vulnerable non-profit servers to steal confidential beneficiary files (health status, family records, housing) to blackmail families or sell data.
Donation Portal & Website Defacement
Hijacking website domains or injection of malicious code into online donation forms to skim credit card details directly from generous donors.
NCSC Charity Board Toolkit Scoping & Assessor Verification
Our lead assessor Steven Gordon works directly with charity trustees and boards to bridge the gap between compliance and mission safety. SafeWatch aligns your operational policies with the NCSC Charity Board Toolkit recommendations. We help you establish compliant boundary scopes, verify your UK GDPR Information Asset Register, audit cloud identity access (MFA), and align volunteer BYOD policies to ensure your charity secures a first-time pass at fixed SME rates.
How Unpatched Volunteer Devices Lead to Data Breach
The Incident: A mid-sized UK support charity suffered a major data breach when an attacker compromised a volunteer’s unpatched personal tablet (BYOD) via a simple phishing email. The attacker extracted cached administrative login credentials for the charity's main cloud case-management database, which lacked Multi-Factor Authentication (MFA). This resulted in the theft of 1,200 sensitive beneficiary case files and a mandatory reporting fine under UK GDPR/DPA rules.
How Cyber Essentials Would Have Prevented It:
- Multi-Factor Authentication (MFA): Stolen cached credentials alone would be useless without a second factor, blocking access to the cloud database.
- Patch Management & System Updates: Cyber Essentials forbids any device running unsupported or unpatched software from accessing organizational systems. Automatic updates on the volunteer's tablet would have blocked the initial browser exploit vector.
- Secure Configuration & Scope Isolation: Restricting user accounts to local standard profiles rather than administrative privileges limits the damage from compromised BYOD credentials.
Cyber Essentials for Schools & Academy Trusts
Satisfy the Department for Education (DfE) cyber standards, safeguard student personal files, and secure classroom networks from devastating cryptolocking attacks.
Satisfying the UK DfE Cyber Security Standards Mandate
The UK Department for Education (DfE) has issued mandatory Cyber Security Standards for all schools, colleges, and academy trusts. Proving compliance is a critical requirement for securing school budgets and academy capital grants. Cyber Essentials is the official government-backed framework specified to demonstrate that classroom networks, staff HR systems, and student records are defended against hostile actors.
Critical Cyber Risks Facing Educational Institutions
Schools run dense, high-traffic networks exposing multiple entrance vectors:
Ransomware Targeting Exam & Term Operations
Encrypting central student management portals, safeguarding logs, and exam files, intentionally timed to block enrollment weeks or exams to maximize pressure.
Safeguarding & Student PII Leaks
Breaches targeting highly confidential student safeguarding databases and special educational needs (SEN) logs, resulting in severe child safety and regulatory risks.
Classroom BYOD & Open Network Hijacking
Students and staff bringing thousands of unmanaged personal Chromebooks, iPads, and smartphones onto the school Wi-Fi, introducing malware to the LAN.
Safeguarding Value
- DfE Compliant: Satisfy mandatory standards to secure capital allocations and funding streams.
- Student Shielding: Protect sensitive safeguarding logs and medical files.
- Network Hardening: Secure Wi-Fi subnets used by students and teachers.
Multi-Academy Scoping & Auditing by Assessor Steven Gordon
Multi-Academy Trusts (MATs) and schools maintain highly complex boundaries with distributed campuses, staff working from home, and hundreds of public-use Chromebooks. Defining what is in-scope under the Danzell standard requires specialized assessment. Lead Auditor Steven Gordon helps schools segment student networks from administrative subnets, ensuring your admin system achieves certification smoothly while minimizing operational disruptions.
How Compromised Staff Credentials Closed a Secondary Academy
The Incident: A secondary school academy trust in the Midlands suffered a devastating ransomware attack on the first week of the autumn term, encrypting classroom registers, medical logs, SEN data, and lesson servers. The attacker compromised a teacher's remote-access VPN credentials via a credential-stuffing attack on a home computer that lacked Multi-Factor Authentication (MFA). Once inside, the attacker traversed the flat network, infecting the main administrative subnet. The trust was closed for four days, incurring £80,000 in recovery costs and severe reputational damage.
How Cyber Essentials Would Have Prevented It:
- Multi-Factor Authentication (MFA): Stolen password credentials would be rendered useless without the secondary physical factor authentication code, blocking initial access.
- Network Segmentation & Subnet Boundaries: Cyber Essentials requires separating high-risk networks (such as open pupil Wi-Fi or classroom labs) from the core administrative system containing student records and financial systems.
- Supported Operating Systems & Patching: Limits external VPN connections to authorized, updated endpoints, blocking known vulnerabilities on unmanaged home computers.
Information Security Awareness Training
Foster a resilient security culture across your organization. SafeWatch provides targeted training programs tailored to different business roles, ensuring alignment with NCSC standards and security policies.
Frontline Cyber Security Hygiene
Your employees are your first line of defense. This curriculum focuses on building practical, day-to-day security habits that protect company assets and mitigate common social engineering risks.
- Social Engineering & Phishing: Recognize sophisticated email, SMS, and phone phishing attempts.
- Strong Password Hygiene: Establish rules for unique passphrases and secure password managers.
- Remote Work & Wi-Fi Safety: Secure home networks, utilize VPNs, and handle public Wi-Fi risks.
- BYOD & Device Security: Maintain strict boundary guidelines on personal devices used for work.
Governance, Scoping & Risk
Designed for C-level executives and board members to understand security from a strategic, legal, and financial perspective.
- NCSC Board Toolkit: Align security metrics with core business governance.
- GDPR & Compliance: Understand regulatory liabilities and corporate data protection duties.
- Cyber Essentials ROI: Scoping auditing bounds to maximize insurance premiums and tender access.
Policy Enforcement & Access
Equip middle management with the tools to implement, monitor, and enforce security policies within their respective teams.
- Least Privilege Access: Administer user accounts to prevent unauthorized access permissions.
- Incident Escalation: Lead incident response procedures when alerts or breaches occur.
- Onboarding Protocols: Enforce mandatory security setup steps (MFA, updates) for new hires.
SafeWatch Accredited Compliance Training Pathway
Our structured training curriculum guides teams from fundamental security awareness to technical readiness for the NCSC Cyber Essentials audit.
General Cyber Essentials Gap Diagnostic
Assess your organization's alignment with the five core perimeters of the latest Cyber Essentials Standard. Identify potential audit redlines and estimate compliance liabilities under the UK Data Protection Act (GDPR).
1. Scoping Personalisation
Provide your organization's scope parameters to customize the diagnostic metrics, DPA/GDPR compliance formulas, and exportable board reports under the latest Cyber Essentials Standard.
SafeWatch Boardroom Scoping & Executive Briefing Model
Executive alignment model mapping corporate risk levels, scoping configurations, and compliance values for board presentation.
Scoping Boundary Parameters
🛡️ Executive Briefing Recommendation
Calculating executive summary...
Contact SafeWatch
Have questions about Cyber Essentials boundaries or auditing schedules? Reach out to Lead Assessor Steven Gordon for direct compliance support.
Direct Contact Channels
Connect directly with our accreditation team in the Midlands for rapid response times.
Call Our Desk
Email Inquiries
Local Office
Banbury, Oxfordshire, United Kingdom
Availability Hours
Monday - Friday: 08:30 - 17:30 GMT
Accredited Auditing Team
Steven Gordon
Lead Assessor & IT Auditor
Markus Backman
Accredited IASME Assessor
Send a Message
Message Transmitted Successfully
Thank you. Lead Assessor Steven Gordon will review your query and contact you within 24 operational hours.
Request Cyber Essentials Certification
Input your operational metrics. SafeWatch’s smart inquiry portal recommends the ideal pathway and prepares customized engagement scopes in real-time.
Accredited Engagement Inquiry
Recommended Audit Scope
Privacy Policy & GDPR Statement
This statement details how SafeWatch Midlands processes, secures, and retains client data in full compliance with UK GDPR and NCSC Cyber Essentials auditing mandates.
1. Introduction & Data Controller
SafeWatch Midlands is committed to protecting the privacy of our clients and website visitors. For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, the Data Controller is Steven Gordon, Lead Auditor, residing at Banbury, Oxfordshire (Email: hello@safe-watch.co.uk).
2. Information We Collect
We collect and process the following information when you interact with our website or book an audit:
- Contact Information: Your name, organization name, phone number, email address, and physical address.
- Auditing & Scoping Data: Scope metrics, user counts, network details, and compliance declarations submitted via forms, gap diagnostic tools, or scope calculators.
- Technical Metadata: IP address, device type, browser information, and referral URLs gathered via web logging.
3. Lawful Basis and Purpose of Processing
We process data under the following lawful bases:
- Contractual Obligation: To prepare scoping proposals, quote prices, schedule audits, verify questionnaire responses, and process official Cyber Essentials / Plus certifications.
- Legitimate Interests: To operate our gap diagnostics, run awareness modules, address queries, and safeguard website perimeters.
- Legal Compliance: To maintain official certification records as strictly required by NCSC and IASME auditing standards.
4. Third-Party Data Sharing
As an accredited Certifying Body, your organization name, registration details, and certification status are securely transmitted to IASME Consortium Ltd (the scheme partner) and the National Cyber Security Centre (NCSC) to issue certificates and publish your status on the official UK Compliant Register. We do not sell or lease your personal information to unrelated third-party marketers.
5. Data Retention & Security
Official assessment forms, scanning logs, and audit credentials are archived securely for a minimum of 3 years as mandated by the IASME Certification Body Agreement. Website contact submissions and temporary diagnostic responses are purged within 12 months if they do not lead to an active contract. All data is stored in encrypted databases with active Multi-Factor Authentication (MFA) and perimeter firewall controls.
6. Your Rights under UK GDPR
Under UK data protection laws, you hold statutory rights including:
- The right to access your stored data and verify scoping histories.
- The right to rectify inaccurate records or complete scoping sheets.
- The right to erasure ("right to be forgotten"), subject to statutory audit retention mandates defined by IASME.
- The right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have breached your rights.
Complaints & Appeals Procedure
Official policies for Accredited IASME Certification Bodies, detailing conflict of interest mitigation, complaints escalation, and audit appeals.
1. Overview of Complaints & Appeals
SafeWatch Midlands is committed to delivering professional, objective, and accurate auditing services. In compliance with IASME licensing standards, we maintain a transparent, structured pathway for clients wishing to lodge service complaints or appeal a "Fail" result issued during a Cyber Essentials or Cyber Essentials Plus assessment.
2. How to Lodge a Complaint or Appeal
All complaints or appeals must be submitted in writing within 14 calendar days of the event or certification decision. Submissions must be emailed directly to Lead Auditor Steven Gordon at hello@safe-watch.co.uk and contain:
- Organization Name and Primary Contact details.
- Date of assessment and target scope details.
- Specific details of the dispute or technical grounds for appealing a failed control checklist.
3. Investigation and Resolution Window
Upon receipt of a written appeal or complaint, SafeWatch initiates the following process:
- Acknowledgement: Receipt will be acknowledged in writing within 3 business days.
- Independent Review: All raw questionnaire files, scoping bounds, and endpoint scan outputs will be re-evaluated against the NCSC core requirements.
- Formal Verdict: A comprehensive written determination outlining the findings and resolution will be issued within 10 business days.
4. Escalation to IASME
If the outcome of our review does not resolve the dispute to your satisfaction, you have the right to escalate your appeal directly to the licensing authority: The IASME Consortium. Their independent adjudication team will review our auditing records and issue a final ruling. Information on contacting IASME can be found at https://iasme.co.uk.
5. Conflict of Interest Mitigation Policy
Under the IASME Certifying Body Code of Conduct, SafeWatch maintains strict operational segregation. Assessor Steven Gordon is prohibited from auditing and signing off on any systems, configurations, or networks where he has personally designed, built, or implemented the primary security controls, unless an independent, accredited peer assessor conducts a secondary validation.
Global Cyber Threat Monitor
Real-time cyber threat advisories and security alerts dynamically aggregated from the UK National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA). Active threats require swift mitigation; ensure your boundary defenses comply with Cyber Essentials standards.
Protect Your Business Against Active Vulnerabilities
Active vulnerabilities require swift mitigation. Check if your current configurations align with the official NCSC standard using our Gap Diagnostic tool.