Cyber Essentials and Cyber Essentials Plus Compliance

Back to Blog

Cyber Essentials and Cyber Essentials Plus Compliance

Cyber Essentials is a UK government-based scheme that helps participating organizations protect themselves, regardless of size, against a range of common cyberattacks. 

Cyberattacks come in many shapes and sizes, but the vast majority are very basic in nature, carried out by relatively unskilled individuals. They’re the digital equivalent of a thief trying your front door or window to see if it’s unlocked. 

The scheme identifies two levels of certification: 

Cyber Essentials 

The self-assessment option provides protection against the most common cyberattacks. Vulnerability to basic attacks can mark you as a target for more in-depth, unwanted attention from cyber criminals that leads to greater risk and greater expense. 

Certification verifies that your defences will protect against the majority of common cyberattacks simply because these attacks are looking for targets which do not have the Cyber Essentials technical controls in place. 

Cyber Essentials shows you how to address those targets and prevent the most common attacks. 

Cyber Essentials Plus 

Cyber Essentials Plus still has the Cyber Essentials simplistic approach, and the protections you need to put in place are the same, but Cyber Essentials Plus adds a hands-on technical verification to officially validate the steps. 

Large organisations that provide remote access to employees and have given remote access to their employees must get cyber essentials plus certification. 

During Cyber Essentials Plus certification, an external certification body test your security practices. They carry out different tests to check for vulnerabilities and test your solutions for virus and malware protection. 

Want to find out more about Compliance Manager and how it can help you manage Cyber Essentials and Cyber Essentials Plus compliance, as well as many other mandated regulations? Request a demo of Compliance Manager GRC today.