The Cyber Essentials update you need to know about

As of April 2023, the NCSC and its Cyber Essentials partner IASME will have an updated list of technical requirements for Cyber Essentials.

The update comes as part of a regular review of the Cyber Essentials technical controls to ensure that it is up to date with the most common cyber threats, and that it is offering the latest guidance in helping UK businesses mitigate the risk of a cyber attack.

This update will provide important new guidance on the following:

- User devices
- Clarification on firmware
- Third party devices
- Device unlocking
- Malware protection
- Style and language
- Structure
- CE+ testing

All of these changes are based on feedback from assessors and applicants, and have been made with the help of technical experts from the NCSC. IASME are also providing additional guidance documents to help applicants during the certification process. This includes articles to help applicants understand the questions, and access to a dedicated knowledge base.

The latest update will take effect from 24 April 2023. This means applications started on or after this date will use the new requirements and question set.

If you’d like some more information on Cyber Essentials, or you are interested in gaining your accreditation, please speak to one of our experts on 0330 088 2565 or visit our contact page.

by Lizzie Clark
on February 22, 2023

Previous: Is That Really a Text from Your CEO?

Next: What are some ways you can leverage Microsoft forms?

The Cyber Essentials update you need to know about

Visit LMS Group HQ