What Is Fig Security?

Fig Security is the security and assurance arm of Fig Group, an IASME-licensed UK certification body. It is the umbrella for everything Fig Group does to make UK organisations demonstrably secure: Cyber Essentials and Cyber Essentials Plus certification, Defence Cyber Certification for the MOD supply chain, a governance-first compliance automation platform, and embedded cyber insurance - all from one UK vendor.

If you have searched for "Fig Security", you are most likely trying to work out who Fig is, whether it is credible, and what it can actually do for your organisation. This guide answers all three, in plain terms, with the verifiable facts you can check for yourself. For the full picture, see our Fig Security overview page.

Fig Security is operated by The Fig Group Limited (Companies House number 16845978), a London-based, IASME-licensed certification body founded in 2025. It is led by Managing Director Jay Hopkins, an IASME-licensed Cyber Essentials and Cyber Assurance assessor who previously ran technology for a regulated firm.

Fig Group works through two operating entities:

• Fig Compliance Ltd is the IASME-licensed certification body that issues Cyber Essentials, Cyber Essentials Plus, and Defence Cyber Certification.
• Fig Technology Ltd builds the compliance automation platform used for ongoing monitoring after certification.

Everything is independently verifiable. The IASME licence is published on the IASME-operated Blockmark registry, the company is on the public Companies House register, and the customer track record is a public, five-star Google review corpus.

Fig Security certifies and protects UK organisations across the full lifecycle - get certified, stay compliant, prove it. In practice that means:

• Cyber Essentials - the UK government-backed baseline that proves five core technical controls are in place. Fig Group issues it from £299.99 + VAT with a published 6-hour turnaround guarantee for compliant submissions, and three free re-submissions included. See how Cyber Essentials works.
• Cyber Essentials Plus - the hands-on, independently audited tier, adding external vulnerability scanning and a technical assessment of a sample of your devices. For buyers and contracts that need verified, not self-declared, assurance. See Cyber Essentials Plus.
• Defence Cyber Certification (DCC) - IASME-licensed assessment at Level 0 and Level 1 for the UK MOD supply chain, against Def Stan 05-138. See Defence Cyber Certification.
• A governance-first compliance platform - 65+ frameworks, 300+ integrations, continuous monitoring, and policy-driven enforcement. See the platform.
• Embedded cyber insurance - £25,000 of cyber liability cover bundled with every Cyber Essentials certificate.

Yes. Fig Group is an IASME-licensed certification body for Cyber Essentials, Cyber Essentials Plus, and Defence Cyber Certification at Levels 0 and 1. Only IASME-licensed certification bodies can issue Cyber Essentials in the UK, and the licence is publicly verifiable on the IASME-operated Blockmark registry.

Three reasons come up again and again: speed (a published 6-hour Cyber Essentials turnaround guarantee for compliant submissions), price (below the standard IASME fee at every published tier, from £299.99 + VAT), and continuity (the same body that certifies you also gives you a platform to stay compliant afterwards, rather than a certificate and a gap). It is one UK vendor for certification, ongoing compliance, and embedded insurance.

The fastest route is the Cyber Essentials readiness checker, which tells you where you stand before you submit. From there you can see published pricing or talk to the team directly. If you are a defence supplier matching a Cyber Risk Profile clause, start with Defence Cyber Certification instead.

---

Fig Security is the security and assurance arm of Fig Group. IASME-licensed. UK-based. From £299.99 + VAT, with a 6-hour Cyber Essentials turnaround guarantee.