Cyber Essentials Plus Certification

Cyber Essentials Plus certification for every UK business

Cyber Essentials helps guard your business from the most common cyber threats. It also helps you demonstrate the commitment you have towards cyber security. It is a certification program focused on basic cyber security controls that was created by the UK government's National Cyber Security Centre and the Information Assurance for Small and Medium Enterprises (IASME) consortium.

Cyber Essentials

Cyber Essentials Plus Certification

Cyber Essentials Plus certification builds on the core Cyber Essentials requirements. This is by adding some additional elements focused on more rigorous verification and ongoing compliance.

Cyber Essentials Plus certification builds on the core Cyber Essentials requirements. This is by adding some additional elements focused on more rigorous verification and ongoing compliance.

Document-01

External verification

Cyber Essentials only requires a self-assessment questionnaire. However, Cyber Essentials Plus, requires an independent external IT security professional to audit the implementation of technical controls through validation testing and examination of policies and procedures.

Clipboard-01

Assurance Framework

Company’s must develop a framework explaining how they will maintain compliance with Cyber Essentials controls on an ongoing basis across changes to systems, offices, employees and more.

Test-01

Simulation testing

As well as testing the current efficacy of controls, external auditors must simulate real-world cyber attack scenarios. This is to evaluate whether the company’s security posture stands up to threats.

Cog-01

Ongoing audits

The certification must be renewed annually. This is also including an onsite audit, ensuring security provisions do not reduce over time. Audits ensure that as the threat landscape changes, controls are kept up to date.

Tick-01

Cyber insurance

£25K of cyber insurance coverage is included to support incident response and recovery costs in the aftermath of a breach.

Cyber Essentials Plus Certification for your business

The extra rigor, testing, and auditing required for Cyber Essentials Plus aims to provide increased confidence in the company’s cyber security measures. The ongoing auditing and simulation testing focuses on cyber resilience. This is the ability to both resist attacks and recover normal operations quickly. Together, these additions result in a more comprehensive and externally validated defence against cyber threats.

Speak with us

Let our security consultant's walk you through how to protect your company

    Your contact details will be handled according to the CIS privacy policy and only used to respond to your enquiry.