Cyber Essentials changed on January 24th when the National Cyber Security Centre introduced an updated set of requirements.
Indelible Data’s Managing Director Tony Wilson contributed to the changes and will lead a webinar on May 12th 2022 to help clients understand and meet the new requirements. Just 20 places are available and can be purchased here
This update is the biggest overhaul of the scheme’s technical controls since it was launched in 2014 and is in response to the evolving cyber security challenges facing organisations.
The update includes revisions to scoping, the use of cloud services, as well as home working, multi-factor authentication, password management, security updates and more.
The new version of the Cyber Essentials technical requirements were released on 24 January 2022. Any assessments already underway, or were purchased before that date, will continue to use the current technical standard, meaning that in-progress certifications will not be affected. Organisations using the current standard have six months from 24 January to complete their assessment.
All Cyber Essentials applications that began on or after 24 January will use the updated version of requirements. We recognise that some organisations may need to make extra efforts when assessed against the new standards, so there will be a grace period of up to 12 months for some of the requirements.
An updated version of the guide can be found here Indelible Data’s Cyber Essentials Guide – An in-depth look at passing first time
PRICE CHANGES ON JANUARY 24th
To reflect the increasingly complex nature of assessments for larger organisations, from 24th January 2022, Cyber Essentials adopted a new tiered pricing structure.
While micro businesses and organisations continue to pay £300 assessment charge, small, medium and large organisations now pay a little more.
The new structure – which adopts the internationally recognised definition for micro, small, medium and large enterprises – is shown in the table:
|Micro organisations (0-9 employees)||*£300 +VAT (3-5 day assessment)|
|Small organisations (10-49 employees)||*£400 +VAT (3-5 day assessment)|
|Medium organisations (50-249 employees)||*£450 +VAT (3-5 day assessment)|
|Large organisations (250+ employees)||*£500 +VAT (3-5 day assessment)|
*Prices shown do not include add-ons associated with SILVER and GOLD services.
For further pricing details, please visit our costs and packages page.