Data being processed by servers in a data centre

Cyber Essentials Plus

Overview

What is Cyber Essentials Plus?

Cyber Essentials is a UK government-endorsed standard designed to help businesses of all sizes minimise their security risk and demonstrate a commitment to the protection of personal information relating to employees, customers, partners and investors.

The Cyber Essentials scheme, part of the UK’s National Cyber Security Programme, is designed to help businesses of all sizes minimise their security risk and demonstrate a commitment to the protection of personal information relating to employees, customers, partners and investors. Cyber Essentials covers common security threats such as malware infections, social engineering attacks and hacking. It involves an annually verified assessment of key security controls that can help organisations to defend against common attack vectors that target enterprise-level and corporate IT systems.

Cyber Essentials Plus is the second level of the certification, requiring a hands-on technical verification of security controls. Redscan offers organisations the in-depth security knowledge and assessment services required to obtain Cyber Essentials Plus certification.

Protection of key assets

By highlighting common vulnerabilities affecting assets including firewalls, systems, websites and software applications, the Cyber Essentials scheme helps businesses reduce their information security risk.

Verified accreditation

Receiving independent verification of key security controls by Redscan demonstrates the effectiveness of systems, people and processes in defending against a wide range of cyber threats.

Enhanced reputation

Demonstrating to customers, partners and investors that cyber security is taken seriously improves outside perception and can provide a key competitive advantage.

Eligibility for public sector contracts

Cyber Essentials certification is mandatory for any business wanting to bid for a central government contract that involves the handling of sensitive or personal information.

CE Plus

Reasons to choose Cyber Essentials Plus

Cyber Essentials Plus certification is the level recommended for businesses that want to demonstrate a higher level of security assurance. To receive certification, organisations must permit Redscan to perform an on-site inspection to verify the findings of a questionnaire and conduct internal and external vulnerability assessments.

In-depth testing and insight

By performing internal and external vulnerability assessments as well as an on-site inspection of systems and policies, Redscan’s experts thoroughly investigate a business’s network to identify vulnerabilities that a self-assessment could easily overlook.

Tailored assessment

Independent Redscan assessment can be tailored to certify a whole organisation or sub-set of it. Cyber Essentials Plus requires appraisal of all network infrastructure including cloud services, bring your own devices (BYOD) and commercial applications.

Comprehensive reporting

After each assessment, Redscan produces a detailed report of key findings. This includes, as appropriate, any remediation steps required for a re-test to be conducted.

End-to-end assistance

Assistance every step of the way helps businesses complete the initial self-assessment questionnaire, as well as the on-site checks and vulnerability assessment conducted by Redscan.

Managed Detection and Response

Award-winning support to rapidly detect and respond to the latest threats 24/7

Assessment Services

Specialist engagements to uncover and address hidden cyber security risks

Managed Security Services

Expert help to manage and monitor your choice of security technologies

Get in touch

Complete the form for a prompt response from our team.

From the blog

From the blog Case studies Latest news

2nd March 2021

Webinar: Protecting cloud workloads

17th February 2021

Emotet is down but its legacy remains: lessons learned

11th February 2021

Redscan analysis of NIST NVD reveals record number of critical and high severity vulnerabilities in 2020

5th February 2021

Webinar: Emotet – a post-mortem?

Specialist Bank

Raising the bar by uncovering vulnerabilities across a bank’s estate

IPL Plastics

Protecting a global manufacturer’s critical systems

Bernhard Schulte Shipmanagement

Protecting a global shipping business against ransomware

Intermediate Capital Group

Safeguarding critical client assets worth billions

24th February 2021

Cyber attacks reported as rising by 20% in 2020

A new report has highlighted that pandemic-related threats contributed to a 20% increase in cyber security threats in 2020.

16th February 2021

Redscan’s NIST NVD analysis reveals record number of critical and high severity vulnerabilities in 2020

Our new report explores the more than 18,000 Common Vulnerabilities and Exposures (CVEs) logged to NIST’s National Vulnerability Database in 2020. It reveals that well over half (57%) were rated ‘high’ or ‘critical’ severity – the highest recorded figure for any year to date. Read the report here.

9th February 2021

Only a third of UK organisations offer cyber security training for remote workers

According to a new report, just a third of UK organisations have offered staff working from home any cyber security training, despite the rapid rise in remote working.

2nd February 2021

UKRI suspends services due to ransomware attack

UK government body, UK Research and Innovation (UKRI), has had to take a number of services offline while it investigates a ransomware attack on its systems which took place at the end of January. The attack led to the encryption of data by a third party and affects a number of its online assets.

Contact Us

Cyber Essentials Plus

What is Cyber Essentials Plus?