Data being processed by servers in a data centre

Cyber Essentials Plus

Overview

What is Cyber Essentials Plus?

Cyber Essentials is a UK government-endorsed standard designed to help businesses of all sizes minimise their security risk and demonstrate a commitment to the protection of personal information relating to employees, customers, partners and investors.

The Cyber Essentials scheme, part of the UK’s National Cyber Security Programme, is designed to help businesses of all sizes minimise their security risk and demonstrate a commitment to the protection of personal information relating to employees, customers, partners and investors. Cyber Essentials covers common security threats such as malware infections, social engineering attacks and hacking. It involves an annually verified assessment of key security controls that can help organisations to defend against common attack vectors that target enterprise-level and corporate IT systems.

Cyber Essentials Plus is the second level of the certification, requiring a hands-on technical verification of security controls. Redscan offers organisations the in-depth security knowledge and assessment services required to obtain Cyber Essentials Plus certification.

Protection of key assets

By highlighting common vulnerabilities affecting assets including firewalls, systems, websites and software applications, the Cyber Essentials scheme helps businesses reduce their information security risk.

Verified accreditation

Receiving independent verification of key security controls by Redscan demonstrates the effectiveness of systems, people and processes in defending against a wide range of cyber threats.

Enhanced reputation

Demonstrating to customers, partners and investors that cyber security is taken seriously improves outside perception and can provide a key competitive advantage.

Eligibility for public sector contracts

Cyber Essentials certification is mandatory for any business wanting to bid for a central government contract that involves the handling of sensitive or personal information.

CE Plus

Reasons to choose Cyber Essentials Plus

Cyber Essentials Plus certification is the level recommended for businesses that want to demonstrate a higher level of security assurance. To receive certification, organisations must permit Redscan to perform an on-site inspection to verify the findings of a questionnaire and conduct internal and external vulnerability assessments.

In-depth testing and insight

By performing internal and external vulnerability assessments as well as an on-site inspection of systems and policies, Redscan’s experts thoroughly investigate a business’s network to identify vulnerabilities that a self-assessment could easily overlook.

Tailored assessment

Independent Redscan assessment can be tailored to certify a whole organisation or sub-set of it. Cyber Essentials Plus requires appraisal of all network infrastructure including cloud services, bring your own devices (BYOD) and commercial applications.

Comprehensive reporting

After each assessment, Redscan produces a detailed report of key findings. This includes, as appropriate, any remediation steps required for a re-test to be conducted.

End-to-end assistance

Assistance every step of the way helps businesses complete the initial self-assessment questionnaire, as well as the on-site checks and vulnerability assessment conducted by Redscan.

Managed Detection and Response

Award-winning support to rapidly detect and respond to the latest threats 24/7

Assessment Services

Specialist engagements to uncover and address hidden cyber security risks

Managed Security Services

Expert help to manage and monitor your choice of security technologies

Get in touch

Complete the form for a prompt response from our team.

From the blog

From the blog Case studies Latest news

30th April 2021

Webinar: Microsoft 365 – a red team guide to avoiding cloud misconfigurations

27th April 2021

Penetration testing steps: a guide to what’s involved in an assessment

23rd April 2021

The rise and fall of the Emotet botnet

19th April 2021

SC Awards 2021: Redscan a finalist in three categories

National Homebuilder

Ensuring threat visibility across a hybrid cloud network

Specialist Bank

Raising the bar by uncovering vulnerabilities across a bank’s estate

Global Plastics Manufacturer

Protecting a global manufacturer’s critical systems

Global Shipping Company

Protecting a global shipping business against ransomware

5th May 2021

Third parties linked to data breaches at 51% of organisations

New research has shown that 44% of organisations experienced a security breach within the last 12 months, of which 74% identified the cause as privileged access given to third parties.

26th April 2021

Emotet malware erased around the world

The Emotet botnet was permanently deleted on April 25th. This follows its takedown in January. Redscan shared advice about the last opportunity to hunt for evidence of Emotet infection and related malware.

6th April 2021

Ransomware and exchange server attacks increase significantly

New research has revealed significant surges in ProxyLogon attacks and ransomware. The research shows a 57% increase in ransomware attacks over the past six months, with the number of affected organisations rising by 9% each month to date in 2021.

31st March 2021

Redscan research suggests NHS security improvements

Our NHS FOI analysis reveals that NHS trusts made notable improvements to cyber security in 2020, despite the pressures of COVID-19. View some of the news coverage here.

Contact Us

Cyber Essentials Plus

What is Cyber Essentials Plus?