Ashtons achieves the Cyber Essentials PLUS certification
The Cyber Essentials certification process requires that there are five technical controls in your company, and in order to pass the certification your organisation must meet all of the requirements:
- Secure Configuration
- User Access Control
- Malware Protection
- Patch Management.
There are two levels of certification – Cyber Essentials (a self-assessment) and Cyber Essentials PLUS.
Cyber Essentials PLUS has exactly the same requirements of Cyber Essentials (where we must show we have met the requirements of the five technical security controls). However, the critical difference is that Cyber Essentials PLUS requires an independent assessment of Ashtons’ security controls, to verify that we do indeed have the five technical security controls in place.
The Cyber Essentials assessment involves a vulnerability scan, which will identify unpatched or unsupported software, open ports, incorrect configuration etc. For this reason Cyber Essentials PLUS certification can be difficult to achieve without the correct preparation and assessment.
But (and this is the important part), since there is objective analysis of our existing security controls, there is real improvement in our cyber defences – and we have been certified!
As a result, Cyber Essentials PLUS has become a much more highly regarded certification in all industries, suitable for small and large businesses who are looking to prove they have robust cyber security controls.