This post has been archived
We have just received our Cyber Essentials Plus certificate.
Pros: We were impressed by the level of testing and how practical it was. We liked the targeted tests (in particular the testing of malware defences).
Cons: Not easy for an SME to attain, but maybe that’s a Pro? Could be easy to fail - there is a reasonably strict pass/fail aspect that differs from your usual assessment where you argue you have assessed the risk and… You could argue it needs more ‘Process/ISO27001 stuff’ but all in all we we like the scheme as it hits some key areas and makes you think hard about your front line defences and then actually tries to break through them!