Cyber Essentials Plus
Cyber Essentials Plus is a UK government-backed, industry-supported scheme to help organizations protect themselves against common online threats. This framework is applicable to all organizations, of any size, in any sector, operating in the UK. It tests five key controls: secure configuration, boundary firewalls and internet gateways, access control and administrative privilege management, patch management, and malware protection. If a vendor wants to sell into the UK public sector and bid for central government contracts, a Cyber Essentials certification is required. This certification assures that essential precautions against cyber threats are in place, which include firewalls, secure configuration, user access control, malware protection, and patch management. There are two levels of certification: Cyber Essentials and Cyber Essentials Plus. Cyber Essentials Plus is more rigorous as it requires vulnerability tests to be performed as part of the certification.