Cyber Essentials Plus Certification
Trusted Cyber Security Experts
25+ Years Industry Experience
Ethical, Professional & Pragmatic
Cyber Essentials Plus certification demonstrates that your organisation has been robustly assessed against a UK government-backed cyber security standard.
Cyber Essentials Plus builds on the requirements that are mandated by the Cyber Essentials certification and includes an active assessment that is conducted at your organisations premises.
The Cyber Essentials Plus assessment requires that organisations already have Cyber Essentials certification and includes a number of specific tests which validate that a subset of the five control categories are implemented correctly.
What does the Cyber Essentials Plus assessment cover?
A successful pass in each of the following allows for organisations to be awarded the Cyber Essentials Plus certification:
External Vulnerability Assessment
Ensure that services are not exposed to the Internet that could be compromised by an attacker.
Endpoint Patching Assessment
Ensure that high or critical-rated patches are applied within 14-days of release from the vendor.
Administrator Account Segregation
Ensure that administrator accounts are not used for day-to-day access like sending emails or web browsing.
Multi-Factor Authentication (MFA)
Ensure that Multi-Factor Authentication (MFA) is implemented on services that support it.
Anti-Virus Configuration Review
Ensure that anti-virus protection is enabled securely and is regularly updated to help combat malware.
Email-Based Malware Assessment
Ensure that potentially malicious email attachments are blocked by email services or endpoint protection.
Web-Based Malware Assessment
Ensure that web-based file downloads that may be harmful are blocked by web browsers or endpoint protection.
How much does Cyber Essentials Plus Certification cost?
The features and cost for our Cyber Essentials Plus Certification are as follows:
Cyber Essentials Plus Certification
-
Digital Certificate
-
"CE Plus Certified" Marketing Logo
-
Annual Certification Reminder
-
Vulnerability Assessment Report
-
Free Same-Day Retest
-
Expert Advice & Support
Please note that in order to proceed with your Cyber Essentials Plus assessment, you will need to have already passed Cyber Essentials within 90 days of your organisation being awarded a pass for Cyber Essentials Plus.
Why choose SecureTeam for your Cyber Essentials Plus certification?
SecureTeam are an accredited Certification Body with the ability to perform both Cyber Essentials and Cyber Essentials Plus assessments on your organisation.
All of our Cyber Essentials Plus assessments are conducted by our senior cybersecurity consultants, who have a strong technical background and are trained directly by our Accreditation Body.
We pride ourselves in partnering with our customers to provide guidance and support throughout the certification process. We want to ensure you are fully equipped before we perform your assessment, so that we can maximise your chances of passing first time.
We have hundreds of satisfied Cyber Essentials Plus customers who welcome our professional & pragmatic approach.
Need to book a CE+ Retest?
If we’ve recently conducted a Cyber Essentials Plus assessment for your organisation but you weren’t successful in passing first time round, we can offer you a discounted retest which is 30% cheaper than paying for the full Cyber Essentials Plus assessment again.
Frequently Asked Questions (FAQs)
Some frequently asked questions about our assessment process and the Cyber Essentials scheme in general have been answered as follows:
While the Cyber Essentials scheme provides a good baseline of cybersecurity, it does not go into the same level of detail as other security standards such as ISO 27001.
Cyber Essentials is a great way for organisations who may have no cybersecurity certification, to begin taking steps into formalising their cyber resilience into a recognised accreditation.
Many of our customers who have achieved Cyber Essentials & Cyber Essentials Plus certification have gone on to achieve ISO 27001; however, the approach to achieving ISO 27001 requires many procedural and technical controls to be in place which would not be covered by Cyber Essentials alone.
The Cyber Essentials process requires you to complete an online questionnaire which asks a number of questions and requires appropriate evidence to be added. Once this questionnaire has been completed, one of our assessors will review the answers to determine if your organisations cybersecurity is adequate.
We aim to issue our questionnaires to customers on the same day that we receive the online booking and then review the answers on the same day that we receive a completed questionnaire. With this being the case, you could be certified within a single day; however, this is dependant on you filling the questionnaire out correctly and providing all of the information required.
For Cyber Essentials Plus assessments, this depends on our consultants availability to perform the onsite assessment; however, we are normally able to deliver a Cyber Essentials Plus assessment within a 2-3 week window.
Absolutely! Many of our customers have already achieved Cyber Essentials elsewhere and are looking into obtaining Cyber Essentials Plus. It may be that your previous Certification Body couldn’t offer you the Cyber Essentials Plus certification.
Once we start the assessment process, we will ask you to send us your existing Cyber Essentials certificate and your report that contains the answers to our CE questions. We may also need to ask you some additional questions about your organisation and environment, which would otherwise have been answered on your original Cyber Essentials assessment.
Trusted Cyber Security Experts
As an organisation, SecureTeam has provided penetration testing and cyber security consultancy to public & private sector organisations both in the United Kingdom and worldwide. We pride ourselves in taking a professional, pragmatic and customer-centric approach, delivering expert cyber security consultancy – on time and within budget – regardless of the size of your organisation.
Our customer base ranges from small tech start-ups through to large multi-national organisations across nearly every sector – in nearly every continent. Some of the organisation’s who have trusted SecureTeam as their cyber security partner include:
Customer Testimonials
"Within a very tight timescale, SecureTeam managed to deliver a highly professional service efficiently. The team helped the process with regular updates and escalation where necessary. Would highly recommend"
IoT Solutions Group Limited
“First class service as ever. We learn something new each year! Thank you to all your team.”
Royal Haskoning DHV
“We’ve worked with SecureTeam for a few years to conduct our testing. The team make it easy to deal with them; they are attentive and explain detailed reports in a jargon-free way that allows the less technical people to understand. I wouldn’t work with anyone else for our cyber security.”
Capital Asset Management
“SecureTeam provided Derbyshire's Education Data Hub with an approachable and professional service to ensure our schools were able to successfully certify for Cyber Essentials. The team provided a smooth end-to-end service and were always on hand to offer advice when necessary.”
Derbyshire County Council
“A very efficient, professional, and friendly delivery of our testing and the results. You delivered exactly what we asked for in the timeframe we needed it, while maintaining quality and integrity. A great job, done well.”
AMX Solutions
“We were very pleased with the work and report provided. It was easy to translate the provided details into some actionable tasks on our end so that was great. We always appreciate the ongoing support.”
Innovez LtdSubscribe to our monthly newsletter
If you’d like to stay up-to-date with the latest cyber security news and articles from our technical team, you can sign up to our monthly newsletter.
We hate spam as much as you do, so we promise not to bombard you with emails. We’ll send you a single, curated email each month that contains all our cyber security news and articles that we’ve released that month.
“We were very impressed with the service, I will say, the vulnerability found was one our previous organisation had not picked up, which does make you wonder if anything else was missed.”
Aim Ltd Chief Technology Officer (CTO)