Ever Wondered What the Difference Between Cyber Essentials and Cyber Essentials Plus is? Wonder No More

Many small businesses know they need to improve their cybersecurity but they’re not entirely sure how, or how to do it on a budget. They may have tackled other safety measures like backup or BCDR but there’s a whole world of preventative measures that may not be addressed properly. This is where Cyber Essentials and Cyber Essentials plus come in. Both offer a “cyber protection 101”. But one is a lot more valuable. Here’s the difference between Cyber Essentials and Cyber Essentials Plus.

 

Quickly, what is Cyber Essentials and what is Cyber Essentials Plus?

Cyber Essentials is a government-founded program designed to get an SME up to speed on some basic security measures. It checks the IT infrastructure and an organisation’s computers. It uses 5 controls to assess a business’s security.

• The use of a firewall for securing your connection to the internet.
• The use of secure settings for your devices and software.
• Controlling who accesses your data and your services.
• Adequate protection from viruses and other malware.
• Keeping your devices and software up to date.

Cyber Essentials is 100% self-certified. You the business are responsible for assessing how well your IT meets the above criteria. Cyber Essentials Plus is exactly the same as Cyber Essentials, however, when it comes to the assessment process there is one key difference.

 

The key difference

Cyber Essentials Plus involves an external organisation. A certification body will run a vulnerability scan which will remotely scan your network. They will also check to ensure you’re meeting the five controls above using a software tool.

When to go with Cyber Essentials, and when to go with Cyber Essentials Plus

The credibility that Cyber Essentials Plus delivers can be valuable. Here are a few instances where you’ll want to take advantage of it.

When you’re bidding on a job that requires strong cybersecurity

If you’re handling data within a cautious industry like healthcare or finance, they are likely to demand proof of good cybersecurity practices. Cyber Essentials Plus will be better suited to ticking that box.

If you have no dedicated IT department

It will be hard to trust your own assessment if you don’t have any IT staff that are dedicated to keeping your systems in check. Get an external assessor and Cyber Essentials Plus will give you 100% assurance that you’re not making any silly mistakes.

If you want to certify your cybersecurity for your own peace of mind

Understandably, any business would want to know how good its cybersecurity is. Cyber Essentials Plus is an ideal way for a business to know it’s protected with zero doubt.

 

Keeping your business safe has a range of elements to it. But Cyber Essentials is very much the foundational element to doing so. In one word the difference between Cyber Essentials and Cyber Essentials Plus is credibility. Take part in cyber essentials plus and the credibility of your business will be improved. You may still not be sure if either is right for your business right now. If not, click below to download our eBook and find out more about Cyber Essentials.