top of page
  • Writer's pictureJared Thompson

Cyber Essentials: Updated Technical Controls Introduced

IASME and the National Cyber Security Centre have introduced an updated set of requirements for the Cyber Essentials certification scheme on the 24th January 2022. This update is set to be the biggest overhaul of the scheme’s technical controls since it was first launched in 2014.

The adoption of cloud services has massively increased due to the pandemic has grown over the past two years, with home/hybrid working now being adopted as the new normal for so many staff and businesses nationwide. As employees use their own devices and Internet routers for work, Cyber Essentials will now consider these during its assessment, this will also include revisions of; multi-factor authentication, security updates, password management, and cloud services.

This update aims to help businesses maintain basic cyber hygiene alongside this change in working behaviours, and provide reassurance for clients, managers and employees. Changes have been implemented thanks to a consultation provided by the Cloud Industry Forum and feedback from assessors and cyber essentials applicants.

What is Cyber Essentials?

Cyber Essentials is a simple and effective Government-backed scheme, supported by industry experts and the Cyber Resilience Centre through our Cyber Essentials Partner network.

The scheme helps you put measures in place to protect your organisation, regardless of size or sector, against a range of the most common cyber-attacks. This includes protecting against threats such as malware, ransomware and phishing.

How Does The New Update Work?

The new update for Cyber Essentials was officially released on 24th January 2022. Any applications that are processed before this date will continue to use the current standard requirements and will have six months to complete the assessment.

Any future Cyber Essentials assessments will now use the updated set of requirements, with a grace period of up to 12 months on select requirements for organisations who need to make adjustments and extra efforts.

For more information on these technical changes download our PDF, and for more information on acquiring Cyber Essentials certification visit our Cyber Essentials Partners.

Cyber Essentials Update Requirements 2022 NWCRC
Download PDF • 527KB


How can we support your business?

Phishing 292 x 219px.png

Raise your staff's awareness of phishing emails and guard your business against the growing trend of social-engineering threats.


Training your employees on what a phishing attack looks like makes them more likely to identify and report scams.

security awareness training.png

Our training package is designed and delivered by cyber experts giving you access to the most up-to-date information in an ever-changing cyber landscape.

You can purchase single-place training spots or a cyber security workshop.

Community Members

Our premium membership package is aimed at medium-sized businesses and includes bespoke security awareness training sessions.


This allows your business to train several cyber security champions and an assessment of your cyber risk. 

bottom of page