Cyber Essentials Plus

Cyber Essentials Plus Involves a technical audit of the systems that are in-scope of the assessment.

What is Cyber Essentials Plus

11-cyber-essentials-plus

Cyber Essentials Plus is a separate certification that can be beneficial in addition to the Cyber Essentials programme. CE Plus is the highest level of certification offered under the Cyber Essentials Scheme. Like the standard Cyber Essentials certification, it covers everything your business should do to defend itself from a whole range of cyber-attacks, but CE Plus is a more rigorous test of your organisation’s cyber security systems.

Cyber Essentials Plus still has the same simple approach as Cyber Essentials and the protections you need to put in place are the same, but CE Plus requires a technical audit of the systems that are in scope of the assessment.

It contains an external vulnerability scan so you can see how robust your defences are against basic hacking and ensure that the correct controls are in place. It also includes an independent assessment by a licensed auditor. For CE Plus certification, an appraisal of a representative set of user devices, internet gateways and all servers accessible to internet users will be completed. The testing involves an assessor connecting remotely to a sample of your devices, including Laptops/Desktops and Mobile devices.

0 %
of organisations had reported cyber security breaches or attacks in the last 12 months.
0 %
Reduces your cyber risk approximately
0 %
Paying for cybersecurity insurance that DOESN'T cover ransomware

The Benefits of Cyber Essentials Plus

Customers and stakeholders can rest assured that you have not only implemented a high standard of controls to protect against cyber-attacks, but your cyber security has been externally audited by a Cyber essentials Certification body. Cyber Essentials certification is also completed annually, which will reassure customers and stakeholders that you are continuously monitoring and working on improving your cyber security systems.

CE Plus certification does not ensure complete compliance with GDPR, however it does help your organisation to protect any sensitive data by ensuring that your security measures are adequate. Both internal and external vulnerability assessments are completed during the programme, which will lead to improved controls, which can reduce the impact of potential attacks and or data breaches, which will then in turn improve GDPR compliance within your organisation.

Implement best-practice technical controls to protect against common (and not so common) cyber-attacks. The government-backed CE plus programme will also provide a full report highlighting findings and improvements that need to be made before certification is awarded, providing you with the reassurance that your cyber security system has had thorough and rigorous testing. By holding CE and CE Plus certification, you can rest assured that any data held by your organisation is protected against over 80% of common cyber threats.

The CE Plus certification also includes automatic cyber liability insurance for any UK organisation who certifies their whole organisation and has less than £20m annual turnover ( terms apply.)

As well as having the ability to bid for government tenders, a CE Plus certification will help your organisation to win new business by not only displaying a commitment to cyber security, but by also demonstrating your cyber credentials

Testimonial

What we do

Here at CyberSecuritiesUK, we are a Certification Body, for the Cyber Essentials Plus certification. We have been trained and licenced by the IASME consortium, to work with you to help you become Cyber Essentials certified. We aim to make the CE Plus programme as straightforward as possible.

Learn More about Cyber Essentials Plus

Schedule a 15 minute chat with an expert...

Frequently Asked Questions

Yes, in fact we would recommend it. You will need to complete your CE Plus audit within 3 months of your last CE basic certification. Alternatively, you can complete the online assessment as part of the Cyber Essentials Plus certification.

Yes, you need to complete the online CE assessment as part of the Cyber Essentials Plus certification and must do so prior to the Cyber Essentials Plus audit.

All new certificates issued by the IASME will have a 12-month expiry date.

Our CE Plus Packages

Lots of Help

£ 2250 + VAT
  • As Base Package
  • As little bit of help
  • Preparation Support
  • Daily Vulnerability Report
  • Ongoing Vulnerability Advice via email
  • 2 X 1 Hour - Vulnerability Report/General Advice Meetings – Typically 10 days and 3 days prior to your formal assessment  

Little Bit of Help

£ 1750 + VAT
  • As Base Package
  • Qualys Cloud Vulnerability Agent – Weekly reporting
  • Mock assessment (two weeks in advance of your formal CE+ assessment day)

Base Package

Up to 6 Audited Workstations
£ 1500 + VAT
  • Installation of Qualys Cloud Vulnerability Agents on the day of the assessment
  • External scanning for any cloud/onsite devices in scope
  • Onsite/Remote visit by CE+ Assessor to 1 business location
  • Cloud Agent for duration of the programme
  • Cyber Essentials Plus Certificate (if the standard is met)