Why Our Cyber Essentials Accreditation Matters

 Photo of Kevin Donoghue, solicitor, who explains Cyber Essentials accreditation.

Kevin Donoghue, Solicitor, explains why Donoghue Solicitors’ Cyber Essentials accreditation matters.

By Kevin Donoghue, solicitor director of Donoghue Solicitors

Q. What do

  • Cambridge University
  • the Scottish Football Association
  • Lloyds of London
  • the Co-operative Bank
  • Donoghue Solicitors

have in common?

A. They are all Cyber Essentials accredited.

We recently became part of this exclusive club. This is why.

What is the Cyber Essentials Scheme?

The UK government set up Cyber Essentials through the National Cyber Security Centre. (This is a division of Government Communications Headquarters (GCHQ).)

Cyber Essentials is a “world-leading” cyber security assurance scheme. It aims to help organisations adopt good practice on information security and protect against cyber-attacks.

Why Did Donoghue Solicitors Get Cyber Essentials Accredited?

Getting a Cyber Essentials certificate was a natural progression for us. We take our clients data security seriously. As I explained here, this commitment includes how you use our website. You might have noticed that it is secure (https instead of basic http) and uses Extended Validation (EV). We use industry-leading 256-bit encryption keys and EV, so you can tell that we own the site. You can trust it by checking at the top of your internet browser for

? Donoghue Solicitors Ltd [GB] | https://www.donoghue-solicitors.co.uk

Other companies using the same system include

  • Santander
  • PayPal
  • Apple
  • John Lewis
  • Tesco.

Most law firms have not taken these steps to protect their websites’ users. Time and money are involved. But your confidence and online protection are worth it to us.

Cyber Essentials accreditation proves that our commitment to your online security extends to other areas. It shows that we have implemented technical controls to address essential cyber risks.

Photo of Donoghue Solicitors' Cyber Essentials accreditation badge.

Donoghue Solicitors’ Cyber Essential Accreditation.

What is the Certification Process?

Organisations must apply security and technical controls in five areas to get certified. These are:

  1. Boundary Firewalls and Internet Gateways
  2. Secure Configuration
  3. Access Control
  4. Malware Protection
  5. Patch Management.

To prove that we applied them, we

  • reviewed our entire IT system with a focus on cyber-based threats.
  • prepared policy documents and made sure they met the scheme requirements.
  • put the policies in action, adopting the latest technology where necessary.

Only then could we apply for certification. This involved completing a questionnaire and providing documents in support. An external certifying body appointed by the government vetted our submission. We passed the certification process at the first attempt.


I understand that we are now one of fewer than 2% of law firms nationwide with Cyber Essentials accreditation. This exhaustive process took time, money, and staff resources. I am proud of the work we did to earn accreditation. But the certificate is just the beginning. Cyber risks are changing. Attacks get more sophisticated every day. We will do everything we can to protect our clients’ data. You can have the highest level of confidence when sharing sensitive and personal information with us.

Contact Donoghue Solicitors for legal help using our online form or call 08000 124 246.