Cyber Essentials Plus.
Certification from just £200 pm
Cyber-attacks are becoming a significant threat to businesses. Organisations need to focus on cybersecurity to protect assets, data, and the company from extortion. They also need to demonstrate this to their customers and partners. Cyber Essentials Basic and Cyber Essentials Plus are nationally recognised badges that demonstrate a basic level of cyber security resilience.
Cyber Essentials Plus12 month payment plan
- Certification will open your business to more opportunities
- Cyber Essentials controls protect your businesses
- Peace of mind with technical validation from a qualified assessor
What is Cyber Essentials?
Cyber Essentials is a government-backed scheme that will help your business protect itself from common online threats. Common online threats account for 80% of cyber-attacks, and the scheme focuses on five precautionary controls that protect against them.
The five controls of Cyber Essentials:
- Boundary firewalls and internet gateways
- Secure configuration
- Access control
- Malware protection
- Patch management
The 7 tests of Cyber Essentials Plus
An external vulnerability scan will be taken on external-facing IP addresses to the organisation. All TCP and UDP ports will be scanned to look for vulnerabilities within this test.
An authenticated internal vulnerability scan will be conducted on a sample set of systems to review for vulnerabilities. This scan will review patch management highlighting vulnerabilities across systems. Any vulnerabilities identified with a patch that has been released for more than 14 days will result in a failure of this test.
A review of end-user devices malware protection will be conducted to ensure that all antivirus is up to date and active. This also applies to mobile and tablet devices, where phones may be checked for code signing to ensure devices aren’t jailbroken or rooted.
A set of emails will be sent to a sample set of end-user devices containing either malicious attachments or malicious hyperlinks to test the efficacy of email protection. This test must be undertaken on a standard non-administrative account.
Each of the end-user devices within the sample set will be required to navigate via each web browser to a website hosted by OmniCyber Security. This website will contain a set of specially crafted virus test files to validate the functionality of malware protection on the web browsers in scope. The malware attached won’t affect the organisation, however, it will flag to the assessor if the antimalware protection measures are sufficient to meet the Cyber Essentials standard.
For any cloud enabled services relevant to the assessment, an OmniCyber Security assessor will review the multi-factor authentication to ensure it is enabled appropriately according to the Cyber Essentials Plus standard.
To ensure user privileges are aligned to the Cyber Essentials standard, user accounts will be reviewed to ensure that administrative accounts are separate to day-to-day user accounts.
Cyber Essentials Plus Payment Plan
Cyber Essentials Packages
Become Cyber Essentials Plus certified with our flexible payment plans that allow you to spread the costs over 12 months. Being Cyber Essentials certified shows that you take your cybersecurity seriously, which can help your business in many ways.
Cyber Essentials Certification for just £49 per month
- Cyber Essentials certification
- Free additional submission
- Cyber liability insurance
For an additional £50 per month, you also have the option to include our Cyber Essentials Support package, With this, you will receive a one-to-one session with a qualified assessor. During this session, we will go over your Self-Assessment question set & help you to map your organisation’s infrastructure and processes out to the assessor, who will then provide bespoke consultancy to meet the Cyber Essentials standard.
We use industry certified techniques and tools to help clients rapidly identify and rectify security gaps everywhere their people, products and customers interact with technology.
Since IT Security and Compliance gets more complicated day-by-day, we empower our clients with leading edge consulting, services and training so they stay protected and resilient when faced with a cyber attack.
Sometimes offense is the best defense against cyber criminals. That’s why we provide a detailed mix of IT security services like CREST certified penetration testing, social engineering, web application testing and more. We search for the security gaps, and give you the streamlined recommendations you need to fill them fast.
The average cost of data breach in 2019 came at the bargain price of US$3.92 million. Large enterprises have the resources to absorb a hit like this, but most businesses don’t. This is where Managed Security comes in. As your embedded cyber security team, we provide network monitoring and advanced threat detection to minimise your risk of business disruption.
Do you get butterflies when you hear the words GDPR, PCI DSS, IASME, PIPEDA, CCPA? Getting compliance right is a big deal and gets more complicated day-by-day. We can help. Our compliance team has all the knowledge and tools you need to integrate best practices for data privacy across your entire organization and keep you resilient in face of a data breach.