• MSP Partners
  • Consultancy
    • Cloud Security
    • Cyber Security
    • Data Protection
    • DevOps
    • Penetration Testing
    • Secure Design
    • UK Government (HMG)
  • Certification
    • Cyber Essentials
    • Cyber Essentials Plus
    • IASME Governance
    • ISO 27001
  • Services
    • Dark Web Monitoring
    • Security Awareness Training
    • Vulnerability Scanning
    • CS-360 Managed Service
  • About
    • About us
    • Work with us
    • Our Blog
  • Contact us
  • Linkedin
  • Twitter
Cyber Security Specialists
  • MSP Partners
  • Consultancy
    • Cloud Security
    • Cyber Security
    • Data Protection
    • DevOps
    • Penetration Testing
    • Secure Design
    • UK Government (HMG)
  • Certification
    • Cyber Essentials
    • Cyber Essentials Plus
    • IASME Governance
    • ISO 27001
  • Services
    • Dark Web Monitoring
    • Security Awareness Training
    • Vulnerability Scanning
    • CS-360 Managed Service
  • About
    • About us
    • Work with us
    • Our Blog
  • Contact us
Menu

Cyber Essentials – What’s changing in 2022

Posted on Wednesday, December 22nd, 2021 at 6:02 pm

The Government approved Cyber Essentials scheme includes five technical controls that help protect organisations from many forms of cyber-attacks.

The scheme was introduced by the UK Government in 2014 as a way to help make the UK the safest place to do business. On January 24th 2022, some of the technical control requirements will change in line with recommended security updates. The evolution of Cyber Essentials allows UK businesses to continue raising the bar for their cyber security.

A team of industry experts review the scheme at regular intervals to ensure it stays effective in the ever-evolving threat landscape, and a big update is coming in January 2022!

What are the changes?

The first significant change will be the inclusion of cloud-based services. These services, such as Infrastructure as a Service (IaaS), Software as a Service (SaaS) and Platform as a Service (PaaS), will now be included in the assessment scope, in addition to updated requirements regarding security, remote working, password management, multi-factor authentication and more. The changes reflect the evolution of the cyber security landscape and better align Cyber Essentials with other government-backed initiations and guidance, such as Cyber Aware.

How will these changes impact my organisation (or my MSP Clients)?

Any organisations that start the application process before January 24th will continue using the current set of controls and have 6 months to complete the assessment.

Any organisations starting their application on or after January 24th will be assessed against the new technical standards; however, there will be a 12 month grace period for specific requirements to recognise the extra efforts.

For further information on these changes, please see the below resources provided by the NCSC, including FAQs and the updated requirements:

  • FAQs Page
  • Cyber Essentials: Requirements for IT infrastructure v3.0

That’s it!

We are an accredited Cyber Essentials and Cyber Essentials Plus Certification Body and look forward to helping our Clients and MSP Partners get certified in 2022!

For more information please contact us on 0161 706 0244 or email info@cybersecurityspecialists.co.uk to speak with a member of the team.

Our accreditations & Certifications

Consultancy

  • Cyber Security
  • Cloud Security
  • Data Protection
  • DevOps
  • Penetration Testing
  • Secure Design
  • UK Government (HMG)

Certification

  • ISO 27001
  • Cyber Essentials
  • Cyber Essentials Plus
  • IASME Governance

Services

  • Dark Web Monitoring
  • Security Awareness Training
  • Vulnerability Scanning
  • CS-360 Managed Service

Contact

Grove House
774-780 Wilmslow Rd
Manchester
M20 2DR

info@cybersecurityspecialists.co.uk
0161 706 0244

  • Linkedin
  • Twitter
© 2022 Cyber Security Specialists
  • Privacy Policy
Web Design by Carbon Creative