What is Cyber Essentials and why do I need it?

Christian Goelz
Christian Goelz

Riela Cyber Director

The Value of Cyber Essentials

Cyber Essentials is a government-backed and nationally recognised certification built to raise cyber security levels across organisations. Working with the National Cyber Security Centre (NCSC), the certification helps businesses by assessing performance against five vital security controls. Once your business has been checked against and passed these controls, you and your clients can be assured that you are protected from the most common cyber threats:

  1. Software – this control checks that all patches are applied to systems and that your organisation is running on the latest versions to remove vulnerabilities.
  2. Anti-Malware – this control checks that your organisation has implemented a suitable anti-malware endpoint protection solution to identify and remove malicious programs across your infrastructure
  3. Firewalls – this control checks that you have implemented firewalls with adequate rules to prevent unauthorised access from the outside to your internal networks.
  4. Secure Configuration – this control checks that you have implemented secure configurations across your domains, in line with industry best-practice, such as enforcing secure passwords, 2FA, etc.
  5. Access Controls – this control checks that only admin users have admin rights while general office staff only have user rights that only allow them to access applications and data they need for their daily work without being able to make changes to configurations.

While Cyber Essentials only cover the ‘essentials’ of cyber security these controls are designed, according to IASME, to prevent 80% of security incidents as they make it significantly harder for anyone to compromise your organisation by removing the long hanging fruit such as vulnerabilities or lack of secure configurations.

Cyber essentials for law firms to reduce cyber risk

Cyber Essentials as such is a great start to improve your cyber security posture on a small budget as it focuses on good IT hygiene of an organisation’s IT infrastructure.

However, as it only covers the ‘essentials’ of cyber security, it may not be enough based on the risk appetite or security needs of an organisation. Cyber security is risk management and mitigation, and as such some organisations may need further controls and monitoring in place.

Starting with every organisation’s biggest cyber risk, the employee, an organisation should consider regular training and awareness session for its staff to ensure they are aware of the risks of phishing and other malicious emails, the need for secure passwords and procedures to manage risks.

In addition, we always recommend external and internal vulnerability scans to identify any threats and vulnerabilities on your environment. Probably most important, however, are regular reviews and tests of the last resort ‘cyber incident insurance’, which is an organisation’s’ backup and disaster recovery strategy. If all else fails, often the only option for an organisation to get back online is recovering their data using secure and air-gapped backups. No risk management can replace the need for air-gapped backups as the ultimate insurance.

Finally, despite controlling for vulnerabilities and having the relevant controls in place, threat actors can still get past your defences and compromise the system. To identify these threat actors on your system, an organisation needs to deploy security monitoring, known as Managed Detection and Response, systems through a dedicated Security Operations Centre (SOC). Through its specialist tools, cyber security specialists using AI and machine learning look for suspicious behaviour, brute force attacks or unwanted data leaks, etc. to help identify a data breach before it can cause significant damage to your organisation.

Where Does This Leave Me and My Business?

In summary, organisations can’t afford wait any longer and need to embrace cyber security as part of their risk management and compliance frameworks before it is too late!

Companies who are new to cyber security should start with Cyber Essentials to understand the current risks and controls of their existing cyber security posture in more detail to allow them to make an informed decision on how to close the gaps depending on budget. Cyber Essentials is a good and cost-efficient start which enables your organisation to start its cyber security journey. 

If you want to find more information about Cyber Essentials on the Isle of Man and whether your business is eligible click here

Get Started with Your Cyber Essentials Certification Today

Contact our team to check your eligibility in a free consultation

Subscribe to our newsletter

Stay updated with our latest blogs and company updates.

Kurt Schrauwen



Kurt Schrauwen is a Director of the Riela Group of companies which includes Riela Yachts, Riela Cyber and Riela Tech. 

Kurt brings more than 20 years of leadership experience having been an early part of the global success of Microgaming in becoming a market leader. Kurt was responsible for the commercial, contractual, and technical sales for Microgaming and with this experience will complement the company’s growth strategy.

Kurt is passionate about business optimisation and prides himself in having an intrapreneurial outlook to maximise staff potential, reduce inefficiencies as well as identifying and maturing revenue growth opportunities.

Paul Cocker

Service Delivery Coordinator

Paul Cocker joined the Riela Group in late 2021, after spending just under 20 years with his previous employer.

Paul is responsible for the Riela Tech service levels, working on both the dispatch function and SLA management. Paul carries out a variety of duties across the Network Operations Centre and works closely across the wider team to deliver professionally tailored solutions for our Riela Tech clients.


we’re Here
To Assist You

Something isn’t Clear?

Feel free to contact us, and we will be more than happy to answer all of your questions.

Murat Guner

Infrastructure Engineer

Murat Guner joined the Riela Group in the Summer of 2021 as an Infrastructure Engineer.

Murat began his career in Turkey as a computer teacher for primary and secondary schools before migrating his skills into IT infrastructure. After honing his IT experiences throughout a colourful career path, Murat gained numerous qualifications which he is now excited to apply to the management of our Riela Tech infrastructure.

Andrew Clucas

Senior Network Engineer

Andy is a qualified Network Engineer with in-depth knowledge of architecting, implementing and supporting networking solutions in the SMB, Enterprise and Service Provider environments.

He has over 20 years of experience working across multiple vendor operating systems, including Cisco, Juniper, Linux and Microsoft, and has also been responsible for implementing a variety of large scale network services deployments, taking projects from design to rollout and support.

Andy also has experience of deploying and migrating a range of virtualisation technologies including VMWare, Hyper-V and KVM based systems.

Marc Dorey

Infrastructure & Managed Services Lead

Marc is our Group’s Infrastructure and Managed Services lead with over 18 years’ experience in delivering infrastructure projects across multiple industry verticals and international jurisdictions.  From projects in Aerospace and Engineering through to Banking and Insurance, from Europe, China, Africa and Australia.

This experience is matched with a varied list of certifications from leading industry vendors such as Hp, Cisco, Microsoft, Ruckus, CompTIA and more.  As a qualified technical trainer Marc is comfortably able to take complicated technical concepts and deliver them in simplistic terms to key decision makers and end users alike.

Most of Marc’s experience has been gained working for managed service providers, both large and niche and as such is able to take real world experience and blend it with industry standards to help align our service delivery with our clients values and processes.

Alexandria halsall

Marketing Executive

As a Marketing Executive, Alex is responsible for all marketing duties spanning the Riela Group.

Alex joined the Riela Group in August 2020, shortly after graduating with a Psychology degree from Nottingham Trent University.

With past work experience in content marketing, event management and web design, Alex is able to apply her creative and analytical skills into the Riela strategy.

Matthew Roberts

Head of Sales

As the Head of Group Sales at the Riela family of companies, Matthew leads the company’s sales strategy, execution, and growth.

Matthew has a successful record building trusted client relationship and delivering upon set expectations. An accomplished sales leader, he delivers a sales process that provides clients with the information and support they need to make the right decisions for their organisations and their constituents.

Matthew has significant experience within the maritime industry having previously worked across various sectors including insurance, security, satellite communications and managed IT. Matthew’s most recent experience encompasses almost 5 years spent with the leading satellite communications and managed IT provider in the maritime industry, focusing on their superyacht clientele.

Christian Goelz Riela Cyber

christian goelz


Christian is involved across the Riela family of companies with particular attention to the technology businesses, Cyber and Tech.

Christian gained a postgraduate Master in Finance degree at the University of Neuchatel, Switzerland and completed his MBA at the University of Chicago Booth School of Business.

Before joining us, Christian worked for six years at Argosy Capital, an Isle of Man-based private equity and venture capital business focusing on early-stage growth businesses. At Argosy, he focused on managing investment companies, research and financial analysis and served as a director on several boards.


Riela Group Managing Director

Robert Tobin is the Managing Director of the Riela Group of Companies and is responsible in overseeing our business operations, our people and driving excellence in all we do.

Rob brings over 25 years’ of successful leadership and entrepreneurial experience across a range of industries including Family Office, corporate services, construction engineering, Superyachts, cyber security and information technology development to our Group, and to our customers.

In the past 15 years Rob has gained a prominent reputation within the Superyacht industry for his passion, integrity, innovation and achievements to date.

“Being part of an awesome, capable and forward thinking team that have a shared passion for Superyachts, people and the environment is the highlight of my career and puts a smile on my face and a spring in my step everyday”.

Peter Astell Burt


Peter is an experienced technology consultant with a demonstrated history of working in the IT and cyber security industry.  Skilled in Search Engine Optimization (SEO), IT Strategy, Start-ups, Regulations, and Online Gaming. Strong consulting professional with a DPhil focused in Natural Sciences from ChristChurch, Oxford.

Tim Bliss

Tim Bliss


Tim Bliss, Managing Director of Riela Tech since the company foundation in 2015 and Director of Riela Cyber, brings over 20 years’ of successful leadership experience across a range of industries including finance and banking, software development, and manufacturing, as well as cyber security and information technology. Prior to forming the company he led the technology for Manx Financial Group PLC, where he was instrumental in business systems transformation.

“It is our hugely capable team of experts that drives our business – it is fantastic and rewarding to be able to use technology, intelligence, and great customer service to help make our clients’ business and staff progressively more efficient resilient and secure”