“CAB are a helpful, reliable, and efficient IT Company who are always happy to help.”
Clive Patch – Director
About MJ Patch
MJ Patch is one of the South West’s leading steel fabrication specialists, established in 1955 and now employing over 60 staff. As the business continued to grow and take on larger, more security‑sensitive contracts across the UK, demonstrating strong cyber resilience became increasingly important. Achieving Cyber Essentials (CE) certification was identified as a key step in proving their commitment to security and meeting customer expectations.
Background
CAB had already been managing MJ Patch’s IT environment to Cyber Essentials standards through our Baseline Security Package, meaning many of the required controls were already in place. Building on these foundations, CAB guided MJ Patch through the full Cyber Essentials certification process – ensuring alignment across people, processes, and technology.
With a culture of continual improvement and a clear focus on protecting the business against common cyber threats, MJ Patch successfully achieved Cyber Essentials certification and now operate with strengthened security foundations and leadership‑driven cyber awareness.
Requirements
- Achieve full Cyber Essentials certification
- Implement CE requirements consistently across the organisation
- Strengthen top‑down security culture
- Reduce risk and give leadership confidence in long‑term cyber resilience
Solutions Delivered
1. Preparing for Certification with Existing CE-Aligned Controls
Through CAB’s Baseline Security Package, MJ Patch already had mature foundations aligned to Cyber Essentials, including:
- Centralised IT management
- Strong authentication and password controls
- Proactive monitoring and threat detection
- Secure Microsoft 365 configuration
- Device management and patching
This positioned them strongly for the formal certification process.
2. Delivery of the Five CE Technical Controls
CAB ensured the entire organisation was fully aligned with the five mandatory Cyber Essentials controls:
- Firewalls & Internet Gateways
Ensuring secure perimeter and device-level protection - Secure Configuration
Hardening devices, removing unnecessary services, and enforcing best practice - User Access Control
Ensuring least‑privilege access, MFA, and strong identity security - Malware Protection
Using monitored and managed anti‑malware technologies across all endpoints - Security Update Management
Ensuring systems, apps, and devices were patched promptly and consistently
With these controls thoroughly implemented, MJ Patch met all technical requirements for certification.
3. Security Culture Led from the Top
Cyber Essentials also requires engagement from leadership. CAB supported MJ Patch in:
- Establishing clear internal ownership of security
- Embedding CE requirements into day‑to‑day processes
- Ensuring directors and managers championed best practice
- Creating organisation‑wide alignment on cyber resilience
This helped CE become part of the company’s culture rather than a one‑time project.
4. Employee Training, Awareness & Process Improvement
CAB strengthened the human layer of security through:
- Ongoing cyber awareness training
- Phishing simulations
- Clear internal security policies
- Improved incident response processes
- Better user understanding of Cyber Essentials controls and responsibilities
Staff became more confident, vigilant, and aware of how to handle cyber threats.
5. Managed Services to Maintain CE Long Term
CAB continues to provide ongoing management and monitoring through a comprehensive service package that includes:
- Unlimited IT Support & 24/7 Monitoring
- Mobile Device Management
- Microsoft 365 Security Hardening
- Vulnerability Scanning & Remediation
- Cyber Security Training
- Phishing Simulation & Dark Web Monitoring
- Endpoint Device Management
- Endpoint Detection & Response (EDR)
- Password Management
- Microsoft 365 Backup to Independent Servers
This ensures MJ Patch remain compliant and protected long after certification.
Results
✓ Cyber Essentials Certified
MJ Patch now holds full Cyber Essentials certification, demonstrating robust protection against the most common cyber threats.
✓ Complete implementation of CE technical controls
Firewalls, secure configuration, user access control, malware protection, and security update management are fully in place and continually monitored.
✓ Security culture driven by leadership
Senior management champion cyber resilience, setting expectations and standards across the business.
✓ Educated and security‑aware workforce
Regular training and simulations ensure staff know how to identify and respond to threats.
✓ Improved internal policies and processes
CAB supported MJ Patch in strengthening documentation, governance, and incident readiness.
✓ Peace of mind and long‑term resilience
With managed services and CE compliance in place, MJ Patch benefit from a secure and future‑proof IT environment.
✓ Ongoing partnership and protection
CAB continues to guide MJ Patch as threats evolve – ensuring compliance is maintained.
“CAB are a helpful, reliable, and efficient IT Company who are always happy to help when we have an issue no matter how big or small. We have used CAB for over 20 years and would recommend them highly.”
Clive Patch – Director
