Cyber Essentials Plus
Demonstrate easily to your customers that you mitigate 80% of the most common Cyber threats. Third Party Audited. UK Government recognised, free Cyber Insurance, low cost
How can it help me
Demonstrates commitment to cyber security – audited
Audited Cyber Essentials
Simply put Cyber Essentials Plus is the same as Cyber Essentials however we will perform a technical audit to validate your answers. The audit centers around the 5 core cyber controls.
Key Benefits
Four common benefits:
1. Preventing common cyber attacks – keep promises to your clients
2. Win new business – Competitive advantage, required for some contracts
3.Keep existing business – Demonstrating you keep their information safe
4. Recruit & retain the best talent – demonstrating professionalism.
Lowest Effort
YourDigitalCTO minimises the effort you need to achieve certification in a number of ways:
1. Plain English, No Jargon, Non Technical questions – distilled from the large list
2. At a time to suit you – complete when you have time, video call support
3. Simple, easily implementable and often free solutions to resolve any gaps.
Five core controls
The audit areas of Cyber Essentials Plus includes the following verifications:
1. Firewall best practices applied
2. Software is licensed and patched
3. Viruses & Malware software – updated, running and best practices applied
4. Access – minimum access, best practice
5. Devices – updated, configured against best practice.
National Cyber Security Centre
Be confident
(UK only, under £20m turnover)
Learn more
Frequently Asked Questions
We don’t offer a standard Cyber Essentials Plus certification, you wont be presented with a long list of technical questions and be expected to form a sensible answer.
Step 1
We provide a curated list of non technical, plain English and non Jargon questions about how you do certain things, we provide guidance and mention who might be better to answer.
If you cant’ answer don’t worry – we move to Step 2
Step 2
We review and seek clarification – either via a short video call or over email – whichever you prefer. Again non-technical, we will probe until we get the answers we need.
Step 3
We compare your answers against the standard, at this stage we identify any configuration, processes or setup that means you wouldn’t achieve certification. For each ‘gap’ we provide guidance, explain why it’s important and more importantly explain a few solutions to close the gap.
These could be as simple as having a process/procedure (which we can supply), installing some software or changing some settings.
Step 4
We confirm your new answers based on closing the gaps.
Step 5
We perform the technical audit, we prepare a time for a remote access to core systems to perform the necessary checks. Should you fail any you will be notified and guidance to resolve will be provided – we will reschedule for a suitable time.
Step 6
When we complete the technical audit successfully we submit your details and Congratulations you are now Cyber Essentials Plus certified, you will receive your cyber insurance if eligible.
Your certification is valid for 12 months, unlike other organisations we reward you for renewing with us – renewal is a simple process.
On renewal we will ask you if there have been any changes in your business (e.g. has your team size grown, have you changed software etc) – we support in updating your answers (and closing any gaps as before).
This is a great opportunity to review your security arrangements, remind your team how to keep your organisation safe and ensure you are following these best practices.
Their is nothing standard about our Cyber Essentials, we don’t just provide a list of standard questions, we don’t leave you to your own devices, we actively support you in providing multiple options to achieve certification.
As part of our service our goal is to support and educate organisations to understand good digital governance – of which cyber essentials is part. We appreciate some organisations just wish to be certified which is fine, but we offer an additional awareness of what good digital governance can do (less supplier costs, less digital risks etc).
With our Cyber Essentials offering actually not very much!
Cyber Essentials Plus is an audited certification, this means rather than self certifying that you comply with the standard an audit of your answers to check you have answered truthfully. Cyber Essentials Plus from other suppliers typically has more engagement than Cyber Essentials – in most cases their engagement is the same we offer to our Cyber Essentials clients.
Due to the fact we have supported you on gathering your answers, identified any gaps and helped closed those we can assure you that you will pass. All we ask is that you follow one of the solutions we propose to close each gap and answer truthfully.
On passing Cyber Essentials, being a UK company with turnover under £20 million you can agree to receive the free cyber insurance (you can also choose to opt out).
You will always receive 1-to-1 support, we will work to your timetable and your capabilities – the goal here is simple – help your organisation protect itself from 80% of the most common cyber attacks – certification is the cherry on top!
We want you to be 100% happy at all times, once you are certified there are no refunds however until the time of certification we want you to be 100% happy and if you aren’t for any reason, and we can’t resolve that we will refund 100% of any monies paid for that service.
He is highly knowledgeable and takes the time when necessary to explain things in layman’s terms so I actually understand what he means.
Stephen Taylor-brown