Cyber Essentials Plus
CYBER ESSENTIALS PLUS
serious about cyber security
Prevent cyber incidents by achieving Cyber Essentials with Cyberlab. We offer a range of options depending on your requirements and technical ability. Cyberlab are licensed to certify organisations against both the government backed Cyber Essentials and Cyber Essentials Plus schemes.
What are the
The scheme addresses the following five key controls that, when implemented correctly, can prevent around 80% of cyber attacks.
- Secure configuration
- User access control
- Malware protection
- Patch management
How do we achieve the
As a Certification Body for IASME, Cyberlab are authorised to assess against the scheme but also to provide consultancy to support organisations to achieve the certification.
guidance and support
How can Cyberlab help us through the
We have a team of experienced Assessors who will support you through the journey from start to finish. Using a combination of methods to communicate and deploy testing but ultimately, we are always at the end of the phone when you need us.
What are the benefits of achieving
Cyber Essentials Plus?
Reassure customers that you are working to secure your IT against cyber attacks and have a clear picture of your organisation's cyber security posture.
Cyber Essentials Plus FAQ
Cyber Essentials Plus provides a more advanced level of assurance and includes a technical audit of the systems that are in scope for Cyber Essentials. Organisations applying for Cyber Essentials Plus must also pass an on-site/remote assessment and an internal vulnerability scan, plus an external vulnerability scan conducted by Cyberlab.
Only certification bodies that have been trained and are currently licensed by IASME to certify against the government’s Cyber Essentials scheme can undertake assessments and issue certificates. Cyberlab assessors are IASME trained and Cyberlab is licensed to deliver Cyber Essentials and Cyber Essentials Plus certifications.
Do not worry, it is actually quite uncommon for an organisation to pass Cyber Essentials Plus without any remediation required.
If you fail the assessment, the assessor will prepare a report outlining the reasons and the remediation work that is required in order to achieve a pass. There is then a 30 day retesting window where the organisation can carry out the remediation steps that are listed. Cyberlab can then retest just those areas which resulted in the fail within the 30 day retesting window, if those vulnerabilities are found to have been mitigated then Cyberlab will then be in a position to award a pass for Cyber Essentials Plus.
Yes, Cyber Essentials Plus is a verification assessment of the controls listed in the Cyber Essentials self-assessment questionnaire.
All organisations must achieve Cyber Essentials first, they then have a 3 month window to schedule their Cyber Essentials Plus assessment.
This depends on the size of your network and how many devices make up the sample the Cyber assessor will need to test.
Generally, we are able to complete all testing within one business day and will prepare a schedule with you in advance to minimise disruption to your business.
For Cyber Essentials, once you have completed the self-assessment questions on the online portal we aim to turnaround all assessments within 24 hours.
For Cyber Essentials Plus, this must be carried out within 3 months of achieving the CE accreditation. The CE+ requires an on-site audit which can be scheduled as soon as a signed order is request and a CE pass is in place.
We will email you with a reminder in advance of your expiry date outlining the steps involved in order to work through your renewal.
In order to achieve a pass and be awarded the Cyber Essentials Plus accreditation an organisation must pass all of the five tests that make up the Cyber Essentials Plus assessment.
Yes, in advance of your scheduled Cyber Essentials Plus assessment we will send you a pdf document which outlines the tests that will be involved and what is required on the day.
There is nothing we require you to do in advance of your assessment, this document is for information only.