What is Cyber Essentials Plus?
Cyber Essentials Plus is an expansion upon the “Cyber Essentials Verified Self-Assessment” which includes an audit of the organisation’s IT systems. It involves an audit of Sekoia’s system by an external assessor.
The key elements of a Cyber Essentials Plus audit can be summarised as follows:
- An assessor will pick a sample of computers at your organisation and perform an audit to ensure that the devices are configured as per the scheme.
- A vulnerability scan will be performed on these machines to confirm patching and basic configuration are at an acceptable level
- An external port scan of your internet-facing IP addresses will be conducted to ensure no clear and obvious misconfigurations or vulnerabilities can be identified.
- A test will be conducted on your default email/internet browser to confirm how well configured they are to prevent the execution of fake malicious files.
- Screenshots will be taken as evidence that the system is Cyber Essentials compliant.
You can read more about the certification here: https://cyberessentials.online/cyber-essentials-plus/