Cyber Essentials Plus.
Certification from just £200 pm
Cyber-attacks are becoming a significant threat to businesses. Organisations need to focus on cybersecurity to protect assets, data, and the company from extortion. They also need to demonstrate this to their customers and partners. Cyber Essentials Basic and Cyber Essentials Plus are nationally recognised badges that demonstrate a basic level of cyber security resilience.
Cyber Essentials Plus
12 month payment plan-
Certification will open your business to more opportunities
-
Cyber Essentials controls protect your businesses
-
Peace of mind with technical validation from a qualified assessor
Cyber Essentials Certified
An independently verified self-assessment for 12 months.
Free Additional Submission
If you do not pass your inital assessment, try again on us!
Cyber Liability Insurance
For UK organisations with an annual turn over under £20m.
Reduced Cybersecurity Risk
Protection against a wide variety of the most common cyber-attacks.
Affordable Monthly Cost
Affordable payments for small & medium sized businesses
What is Cyber Essentials?
To further understand how to meet the cyber essentials requirement please review the Requirements for Infrastructure Document here.
The five controls of Cyber Essentials:
- Boundary firewalls and internet gateways
- Secure configuration
- Access control
- Malware protection
- Patch management
The 7 tests of Cyber Essentials Plus
An external vulnerability scan will be taken on external-facing IP addresses to the organisation. All TCP and UDP ports will be scanned to look for vulnerabilities within this test.
An authenticated internal vulnerability scan will be conducted on a sample set of systems to review for vulnerabilities. This scan will review patch management highlighting vulnerabilities across systems. Any vulnerabilities identified with a patch that has been released for more than 14 days will result in a failure of this test.
A review of end-user devices malware protection will be conducted to ensure that all antivirus is up to date and active. This also applies to mobile and tablet devices, where phones may be checked for code signing to ensure devices aren’t jailbroken or rooted.
A set of emails will be sent to a sample set of end-user devices containing either malicious attachments or malicious hyperlinks to test the efficacy of email protection. This test must be undertaken on a standard non-administrative account.
Each of the end-user devices within the sample set will be required to navigate via each web browser to a website hosted by OmniCyber Security. This website will contain a set of specially crafted virus test files to validate the functionality of malware protection on the web browsers in scope. The malware attached won’t affect the organisation, however, it will flag to the assessor if the antimalware protection measures are sufficient to meet the Cyber Essentials standard.
For any cloud enabled services relevant to the assessment, an OmniCyber Security assessor will review the multi-factor authentication to ensure it is enabled appropriately according to the Cyber Essentials Plus standard.
To ensure user privileges are aligned to the Cyber Essentials standard, user accounts will be reviewed to ensure that administrative accounts are separate to day-to-day user accounts.
Why Omni
We use industry certified techniques and tools to help clients rapidly identify and rectify security gaps everywhere their people, products and customers interact with technology.
Some of the biggest brand globally trust our highly qualified and experienced team to ensure their systems and infrastructure are secure and compliant.
Whilst our teams can be relied upon to provide excellence in a single engagement, Omni excel at helping our clients mitigate the risks of their changing threat landscape for the long term, through a bespoke delivery of compliance and security services.
PEN TESTING
Find out where you are vulnerable, before hackers do
Sometimes offence is the best defence against cyber criminals. That’s why we provide a detailed mix of IT security services like CREST certified penetration testing, social engineering, web application testing and more. We search for the security gaps and give you the streamlined recommendations you need to fill them fast.
MANAGED SECURITY
Prevention is the best medicine
The average cost of a data breach in 2019 came at the bargain price of US$3.92 million. Large enterprises have the resources to absorb a hit like this, but most businesses don’t. This is where Managed Security comes in. As your embedded cybersecurity team, we provide network monitoring and advanced threat detection to minimise your risk of business disruption.
COMPLIANCE
Safeguard data, protect your customers and yourself
Do you get butterflies when you hear the words GDPR, PCI DSS, IASME, PIPEDA, CCPA? Getting Compliance right is a big deal and gets more complicated day-by-day. We can help. Our Compliance team has all the knowledge and tools you need to integrate best practices for data privacy across your entire organization and keep you resilient in face of a data breach.