Cyber Essentials Plus vs Cyber Essentials – what’s the difference?
You might have already laid the groundwork for effective cybersecurity defences and secured your Cyber Essentials certificate. But did you know that once you’ve had your accreditation for over three months, you can upgrade to a more stringent certification that amplifies your defence settings?
Achieving Cyber Essentials Plus should be the next step in your cybersecurity strategies.
Cyber Essentials Plus goes beyond the fundamental protections available within the initial CE accreditation. It requires more rigorous testing and includes a hands-on technical verification by our trained experts to identify (and rectify) any internal or external vulnerabilities.
It follows the same, easy-to-understand approach and remains focused on the same five areas of concern. But thanks to the technical audit, you can verify that your CE controls are in place and working as they should.
Within your CE+ application, you will undertake a vulnerability scan and have an on-site assessment of your systems. This may include a review of your policies, procedures and technical controls.
The independent assessor will likely
- Select a sample of computers to confirm that all devices are configured according to the CE standards.
- Conduct a vulnerability scan to confirm that the patching and basic configuration is correct.
- Conduct an external port scan of your internet-facing IP addresses to identify if there are any clear misconfigurations or vulnerabilities.
- Test your default email/internet browser to confirm if they can identify any fake or malicious files.
Our knowledgeable team will guide you through the process and provide you with the insights you need to make a business case for investing in Cyber Essentials Plus.
Is Cyber Essentials Plus right for your business?
In an ideal world, all businesses throughout Suffolk should benefit from Cyber Essentials Plus.