Cyber Essentials Plus

Cyber Essentials Plus certification enables organisations of any size to demonstrate effective cyber security controls through independent technical verification. This advanced level of Cyber Essentials helps protect against common cyber threats, improve compliance, and build trust with customers and stakeholders—all while keeping implementation straightforward and cost-effective.

What is Cyber Essentials Plus?

Cyber Essentials Plus is the highest level of Cyber Essentials certification, providing independent, hands-on verification that your organisation’s IT systems are secure against common cyber threats.

Unlike the basic Cyber Essentials self-assessment, Cyber Essentials Plus includes a technical audit of your systems carried out by qualified security assessors. This ensures that the security controls you have declared are not only in place but are working effectively in a real-world environment.

To achieve Cyber Essentials Plus certification, your organisation must first hold a valid Cyber Essentials (verified self-assessed) certificate, issued within the last three months. This ensures your baseline security controls are current before undergoing the more rigorous audit.
Cyber Essentials Plus Logo
Cyber Essentials

Want to know more about our Cyber Essentials Scheme?

Whatever the size of you organisation, our Government backed Cyber Essentials Scheme can help you stay protected from a range of common cyber attacks.

We help all local businesses in Nottingham, Derby, Lincoln, Chesterfield and Sheffield and the rest of the UK
Get in Touch
IT Cabinet

Why should you get Cyber Essentials?

  • Protect against approximately 80% of cyber attacks
  • Reassure customers that you are working to secure your IT against cyber attack
  • Demonstrates to your customers and supply chain that you have considered you security posture
  • You have a clear picture of your organisation's cyber security posture
  • Some Government contracts require Cyber Essentials certification

What Does the Cyber Essentials Plus Assessment Involve?

The Cyber Essentials Plus assessment is designed to validate that your organisation meets the required baseline security standards. The audit typically includes:
  • Independent Device Testing: A qualified assessor will select a representative sample of user devices and systems across your organisation to verify compliance with Cyber Essentials controls.
  • Internal Vulnerability Scanning: Internal scans are conducted on selected devices and servers to ensure security patches are up to date. Systems are securely configured. No known vulnerabilities exist within your internal network.
  • External Vulnerability Scanning: External scans assess your internet-facing systems by scanning all exposed IP addresses and open ports Identifying misconfigurations or exploitable vulnerabilities highlighting risks visible to external attackers
  • Malware Protection & User Controls Testing: Devices are tested to confirm they are protected against malicious files by, preventing the execution of unauthorised or harmful applications, ensuring secure configurations on email clients and web browsers
  • Mobile Device Security Checks: Mobile devices within the sample are reviewed to ensure: They are running up to date operating systems, security settings are enforced, Developer mode is disabled to prevent unauthorised app installations
Get in Touch

Cyber Essentials Plus Costs

Organisation SizeCost
Micro (0-9 Employees)£1850
Small (10-49 Employees)£2400
Medium (50-249 Employees)£2800
Large (250 > Employees)From £3300

Why you should have a Managed Cyber Essentials Plus service?

Strengthen your organisation’s cyber security with a fully managed Cyber Essentials Plus service. From preparation to certification and ongoing compliance, we help you protect your business, meet regulatory requirements, and stay ahead of evolving cyber threats.
  • Achieve and Maintain Compliance
  • Save Time and Reduce Internal Workload
  • Regular news letters. Keep up to date with any changes to the assessment and compliance.
  • Expert Support Every Step of the Way
  • Demonstrate Trust and Win More Business
Get in Touch

Managed Cyber Essentials Plus Costs

What is Managed Cyber Essentials Plus?

Managed Cyber Essentials Plus is a fully outsourced service that helps your business achieve and maintain the Cyber Essentials Plus certification. It includes Managed Vulnerability Scanning and continuous assistance to maintain compliance year round.
Organisation SizeCost Per Month
Micro (0-9 Employees)£225
Small (10-49 Employees)£425
Medium (50-249 Employees)£655
Large (250 > Employees)From £800

Add-On Automated Security Patch Management

What is Automated Security Patch Management?

Automated Security Patch Management is the process of automatically identifying, deploying, and verifying software updates (patches) to fix security vulnerabilities across devices—without needing manual intervention.
Organisation SizeCost Per Month
Micro (0-9 Devices)£25
Small (10-49 Devces£100
Medium (50-249 Devices)£350
Large (250 > Devices)From £350
Cyber Essentials LogoNational Cyber Security Centre LogoCyber Essentials Plus Logo

Social media:

Navigate our website:

Contact Us:

Red Circles ITS T/A Red Circles Cyber Security

Denby House Business Centre
Taylor Lane
Loscoe
Derby
Derbyshire
England
DE75 7AB
Red Circles ITS T/A Red Circles Cyber Security 2026 | Company Registered in the UK, Registration No: 12110635 | VAT No: GB 330184143