The NCSC are introducing the biggest update to Cyber Essentials' technical controls since its launch.

This is in response to the dramatic changes to the world of work over recent times to take account for the increase in hybrid working and cloud adoption. The changes will further enhance how Cyber Essentials covers basic security considerations like password management, secure cloud access, MFA, and software updates.

Many of the changes are based on feedback from assessors and applicants, as well as consultation with Cloud Industry Forum. All Cyber Essentials applications starting on or after 24 January will use the updated version of requirements.

The Cyber Essentials is a Government backed scheme provided by the NCSC. It provides a robust standard that organisations can be assessed and certified against. It identifies the security controls that an organisation must have in place to ensure that they are addressing cyber security effectively and mitigating the risk from Internet-based threats.

The key areas that the standard addresses are:

  • Boundary Firewalls and Internet Gateways
  • Secure Configuration
  • Access Control
  • Malware Protection
  • Patch Management

Read the full article by the National Cyber Security Centre:

Read more


Back to News