Cyber Essentials Plus in a Box
An easy route to CE+ certification, cyber resilience and cost control
Cyber Essentials +
Finding the appropriate level of defence for your organisation is essential in establishing your Cyber resilience posture and managing costs. Cyber-attacks are growing in frequency and complexity, and businesses and consumers are growing increasingly conscious about how their sensitive data is protected. Cyber Essentials Plus (CE+) is a standard that guides your cyber posture and helps manage your security costs; providing evidence that you are defending your organisation and customer data adequately, and that you have the protections in place to meet these evolving threats.
CE+ requirements are set by the National Cyber Security Centre (NCSC) and are updated frequently to help counter emerging cyber threats. CE+ is audited by a number of Certification Bodies which are authorised by IASME, an Information Assurance standard for the small and medium enterprise.
The key challenge for businesses seeking CE+ accreditation is collating and managing all the information needed for the audit. Organisations often find they are collating and collaborating using shared spreadsheets and documents which quickly become out of date and are cumbersome to use as a group.
Why should you get Cyber Essentials?
Prove you have a good level of cyber resilience
Control your costs through a well-managed and appropriate cyber security posture
Evolving threats need an evolving cyber defence
Government contracts require Cyber Essentials certification
Explore how BrightCloud helps you every step of the way.
Creating the project plan
Use our CE+ white paper to understand the controls and the scope of CE+ and plan your project using the proven methodology that we use when we consult with our customers. How to produce the gap analysis, vulnerability assessment and create your asset list, and plan the actions that you need to take. We cover MFA, cloud apps, firewall rules and the processes and procedures you need to consider to achieve CE+.
Cyber Highway is a SaaS solution with an annual subscription that functions as a collaborative management platform for achieving and maintaining CE and CE+. Cyber Highway makes passing and maintaining Cyber Essentials Plus a much simpler and more collaborative process in turn saving time, improving efficiency and security, and guaranteeing certification success.
The vulnerability assessment guides the mitigation/remediation and server hardening work required to achieve a safe level cyber resilience. BrightCloud Consultancy team has decades of experience in helping customers address vulnerabilities and mitigate cyber risks; we work with you either to support your own team or to own and deliver successful outcomes for the vulnerability mitigation plan.
Network Security continues to be an important part of your Cyber resilience. We work with you to ensure that your devices are patched to a secure level and that your firewalls continue to protect your perimeter.
Secure Configuration Management
BrightCloud Patch Management as a Service (PMaaS) is designed to remove the burden of managing patching cycles for your virtual or physical server estate, whilst giving you the peace of mind that you are up to date.
Censornet Web and Email Security protects your organisation from web-borne malware, offensive or inappropriate content, and known, unknown and emerging email security threats. Stop large-scale phishing, targeted attacks, CEO fraud and malware in their tracks.
BrightCloud’s risk-based Vulnerability Assessment and Management focuses on the vulnerabilities and assets that matter most, while deprioritizing the vulnerabilities that attackers are unlikely to exploit.
This proactive, risk-driven approach delivers comprehensive, continuous visibility and informs technical and business decisions. This service will:
- Assess all your assets for vulnerabilities and misconfigurations continuously
- Measure the vulnerability’s risk to your business using threat intelligence and asset criticality
- Predict which vulnerabilities present the most risk to your organization, and remediate them
- Deliver risk-based information to business owners
This service not only identifies and categorises vulnerabilities but can also remediate them.
Cyber Security Behaviour Training
Cyber security education addresses the human dimension by testing user awareness and then targeting users with relevant training. Our service includes the delivery of a series of phishing simulation campaigns that are designed to help increase user awareness of phishing emails, and boost confidence in reporting any that by-pass your technical defences.
The training portal includes content that can also be used for other cyber security training sessions without the need for an initial phishing campaign.
Identity and Access Management
BrightCloud manages and supports your use of Microsoft 365 and included in that support is ensuring that all your users have MFA enabled and their access is managed via by Azure AD with a P1 or P2 license being required for conditional access. For those requiring a more sophisticated login experience BrightCloud also offers a Single Sign On solution (SSO).
Annual IASME Assessment
IASME is an independent consortium which works with hundreds of certification bodies that are committed to helping businesses improve their cyber security, risk management and good governance through an effective and accessible range of certification.
Working with BrightCloud we prepare you for your CE assessment, and once the appropriate fees are paid to IASME and the assessor we help guide you through he assessment to a positive outcome.
Are you ready for Cyber Essentials Plus? Download ‘How and why to attain CE+’ our free guide to achieving Cyber Essentials Plus certification.
Get Your Free Guide
BrightCloud is a IT managed services provider with over 20 years experience dealing with Mid Market and Enterprise customers. Many organisations struggle to find their security baseline, we believe that Cyber Essentials Plus provides that baseline. BrightCloud works with you to understand your security needs, conduct a gap analysis and help you on your journey to strong cyber resilience and CE+.
We work closely with our accredited partners to develop innovative technology strategies and produce the most effective results for our customers.