Cyber Essentials Plus Certification

We have successfully renewed our Cyber Essentials Plus certification for the whole organisation. 

Cyber Essentials Plus is currently a minimum requirement when bidding for public contracts and will soon become a standard across the UK.

The scheme is available at two levels and designed for all sizes of organisation:

•    Cyber Essentials: an independently verified self-assessment. Organisations assess themselves against five basic security controls and a qualified assessor verifies the information provided.

•    Cyber Essentials Plus: a higher level of assurance. A qualified and independent assessor examines the same five controls, testing that they work in practice by simulating basic hacking and phishing attacks.

The controls within Cyber Essentials were chosen because, when properly implemented, they will help to protect against 80% of cyber-attacks. These attacks are unskilled internet-based attackers using low-level commodity capabilities – which are freely available on the internet.

It lists five technical controls (access control; boundary firewalls and internet gateways; malware protection; patch management and secure configuration) that all organisations should have in place.

The government-backed, industry-supported certification perfectly complements our ISO27001 certification by demonstrating our expertise in managing information security risks as well as controlling our technical infrastructure.