Skip to main content
Back to News

Cyber Essentials and Cyber Essentials Plus

4th December, 2023

Cyber Essentials and Cyber Essentials Plus are cybersecurity certifications designed to help organisations establish and verify basic security controls and best practices.

Obtaining both Cyber Essentials and Cyber Essentials Plus certifications can be beneficial for organisations, as they provide different levels of cybersecurity assurance and serve distinct purposes.

The UK government developed these schemes to help organisations, both in the public and private sectors, improve their cybersecurity position. They aim to provide a baseline level of cybersecurity assurance and promote good cybersecurity practices.

Cyber Essentials

Objective: Cyber Essentials aims to assist organisations in protecting themselves against common cyber threats.

Self-Assessment: Organisations must complete a self-assessment questionnaire, answering a set of security questions related to their cybersecurity practices and technical controls.

Scope: The certification focuses on five key areas of cybersecurity controls: firewall configuration, secure configuration, user access control, malware protection, and patch management.

Validation: The self-assessment is submitted to a certification body for review. Once the certification body confirms that the organisation meets the required security criteria, it receives the Cyber Essentials certificate.

Benefits: Cyber Essentials certification demonstrates a commitment to basic cybersecurity best practices and can be a requirement for doing business with government agencies and many private sector organisations. It also helps improve an organisation’s cybersecurity posture.

Cyber Essentials Plus

Objective: Cyber Essentials Plus is a more advanced certification that includes a higher level of assurance compared to Cyber Essentials.

External Testing: In addition to the self-assessment questionnaire used for Cyber Essentials, Cyber Essentials Plus involves external testing. A qualified and accredited cybersecurity professional performs vulnerability scans and tests on an organisation’s network and systems to verify the security controls are effectively in place.

Scope: It covers the same five key areas as Cyber Essentials but includes more thorough testing to ensure that the controls are working effectively.

Validation: After successfully passing the external tests, the organisation receives the Cyber Essentials Plus certification.

Benefits: Cyber Essentials Plus provides a higher level of assurance and validation of an organisation’s cybersecurity measures. Organisations or government agencies often require it for more critical and sensitive contracts and partnerships.

Cyber Essentials and Cyber Essentials Plus are cybersecurity certifications designed to help organisations establish and verify basic security controls and best practices.

Cyber Essentials Plus offers a higher level of assurance by including external testing, making it suitable for organisations with more complex security needs or those dealing with highly sensitive data. Both certifications help organisations enhance their cybersecurity posture, reduce cybersecurity risks, and demonstrate their commitment to security to potential clients and partners.

If you’re seeking assistance in navigating the cybersecurity landscape, consider reaching out to Riven.

We prioritise understanding, planning, and adapting to any changes that may impact your environment.

Feel free to contact us at 01784 437 123 or via email at enqs@rivenassociates.co.uk.

Additionally, you can sign up for our monthly newsletter to stay updated on the latest cybersecurity insights and strategies.

Related articles

Data is your responsibility – even if you outsource!

In today's digital age, data is a valuable asset for any business. It can be used to drive growth, improve customer engagement, and gain a competitive advantage.

Read More

Embrace the AI-powered future of work

Transform your daily workflow with Copilot for Microsoft 365, seamlessly integrated into familiar tools like Teams, Word, Excel, and more. This next-gen AI, powered by extensive language models and your Microsoft Graph data, turns natural language into a potent productivity tool. Elevate creativity and efficiency with Copilot, revolutionizing the way you work.

Read More

Building a Collaborative Environment with Microsoft Teams 365

In today's fast-paced business world, effective collaboration is crucial for success, regardless of company size. Microsoft Teams 365 is a powerful tool that streamlines teamwork, boosts efficiency, and simplifies communication. Recent data shows its user base grew from 300 million to 320 million in 2024. Offering chat, video calls, file sharing, and seamless integration with…

Read More

Safeguarding Your Data: Backup and Recovery with Azure

Microsoft Azure offers robust backup and recovery solutions that can help you ensure business continuity and peace of mind..

Read More