What are Cyber Essentials and Cyber Essentials Plus?
Cyber Essentials (CE) and Cyber Essentials Plus (CE+) are Government-backed certifications, created to provide organisations at all levels, across all sectors with a clear baseline for effective cyber security, designed to continually evolve in response to shifts in the threat landscape.
Organisations typically begin with CE, which requires them to complete a self-assessment questionnaire, covering the key aspects of the cyber security posture. This is then verified by the Information Assurance for Small and Medium Enterprises (IASME).
CE+ builds on this and must be earned within three months of earning the CE certification. If it has not been earned within this timeframe, the organisation must start the process again. The CE+ assessment process is much more rigorous, involving an independent, on-site review of organisations’ security capabilities and a full vulnerability scan.