Cyber Essentials is the UK NCSC-backed scheme protecting organizations of all sizes against common internet-based attacks. It functions as a verified self-assessment certification scheme renewed annually, covering five key control areas: Firewalls, Secure configuration, Security update management, User access control, and Malware protection.

Cyber Essentials Plus requires completion within 3 months of the base certification. It involves hands-on auditing (on-site or remote), including vulnerability scans across a representative sample of devices — servers, desktops, laptops, thin clients, tablets, and mobiles.

Each sampled device undergoes checks for patch compliance (high/critical vulnerabilities within 14 days), malware protection configuration, account separation (standard vs. admin privileges), and multi-factor authentication on cloud services.

Forti5 Technologies offers support through both certifications, with CE costs set by NCSC and CE Plus pricing varying by network size and complexity.