CyberSmart review: Cyber Essentials in 2026

CyberSmart review: Cyber Essentials in 2026

CyberSmart is one of the UK's larger IASME-licensed Cyber Essentials certification bodies, founded in 2015 and headquartered in London. Their model is platform-first: a SaaS agent installed on end-user devices automates self-assessment questions, after which their assessors review evidence and issue the certificate. They are a reasonable choice for organisations that want ongoing monitoring as well as certification. Fig Group positions differently - lower headline price, faster first-time certification, and the same IASME licence verifiable on the official directory.

Who CyberSmart is

• Founded: 2015
• HQ: London
• IASME-licensed: yes - check the IASME directory for their current licence
• Scope of services: Cyber Essentials, Cyber Essentials Plus, GDPR support, IASME Cyber Assurance
• Differentiator: monitoring agent + dashboard, designed for ongoing compliance rather than a point-in-time certificate

Their platform installs on Windows, macOS, iOS, and Android devices and reports compliance posture continuously - useful for organisations that value visibility between annual certifications.

Pricing and turnaround

CyberSmart's published pricing is typically tier-based around organisation size and whether monitoring is included. Expect published starting prices above Fig Group's £299.99 + VAT Micro tier; turnaround is competitive but typically measured in days rather than hours. They do not publish a certification-speed guarantee.

For the specific and current price, check cybersmart.com - any review is a snapshot; their commercial terms change.

Where CyberSmart makes sense

• You want a compliance platform, not just a certificate. Their agent-based model has value if your organisation is willing to install it on every device and wants continuous posture reporting.
• You prefer a larger supplier. CyberSmart's size and maturity are a fair comparator for buyers who weight vendor stability.
• You value their wider scheme coverage. They offer IASME Cyber Assurance and other adjacent services.

Where Fig Group positions differently

These are verifiable, falsifiable differences - not opinions:

1. Price floor. Fig's Micro tier is £299.99 + VAT, published on our pricing page and held across all assessments.

2. Certification speed. Fig offers a 6-working-hour certification SLA on the Micro tier for clean submissions. This is an explicit, refundable guarantee.

3. Verifiable licence. Fig Group's IASME licence number is 325cdf33-3812-4082-bf8d-7dce7ac02977 - verifiable on the IASME directory. CyberSmart's licence is also verifiable - always check either body's claim before paying.

The certificate is identical

This is worth stating: the IASME-issued Cyber Essentials certificate a CyberSmart customer receives and the certificate a Fig customer receives are the same piece of paper. Both are valid for 12 months, both appear on the same IASME directory, both satisfy the same UK government / insurance / supply-chain requirements. The differences are the buying and support experience, not the certification.

When to consider switching

• You have a Cyber Essentials renewal coming up and want to benchmark prices
• You have shrunk headcount and want to retier your Micro / Small / Medium scope
• You want a faster certification for a time-sensitive procurement deadline

A switch at renewal time costs nothing - you can simply choose a different IASME-licensed body for the next annual cycle and the certificate is equivalent. The IASME-arranged £25k cyber liability cover (UK orgs < £20m turnover, whole-organisation scope) ships with any valid CE certificate, regardless of which IASME-licensed body issues it.

Due-diligence checklist for any CE body

Before paying any certification body (us included), verify:

1. IASME licence: name appears on the IASME directory. If not, walk away.

2. Price is published or quoted clearly up front with VAT shown.

3. Assessor SLA: how long between submission and review.

4. Resubmission policy: what happens if the first submission fails.

5. Evidence requirements: do they match IASME's current published requirements (v3.3 as of 2026)?

Bottom line

CyberSmart is a legitimate, IASME-licensed certification body with a strong platform play. If their monitoring agent is the thing you want, they may be the right fit. If you want the fastest, cheapest IASME-licensed route, Fig Group's £299.99 + VAT Micro tier and 6-working-hour certification compares favourably. The IASME-arranged £25k cyber liability cover ships with valid CE certificates from either body, where eligibility criteria are met.

Start Cyber Essentials with Fig - from £299.99 + VAT | All pricing tiers | See the comparison