Cyber Essentials “Danzell update” 2026 – What the new standard means and how to prepare

27/03/26 Wavenet
From 26th April 2026, a significant update to the Cyber Essentials scheme, known as the Danzell update, will come into effect. While the standard remains a vital benchmark for cyber hygiene, the update introduces stricter controls, deeper validation, and greater clarity in how requirements must be demonstrated.

For many organisations, this means that passing Cyber Essentials is likely to become more challenging, particularly for those that rely on partial implementations, informal processes, or high-level responses that lack technical detail.

The updated standard, delivered by IASME and aligned with the National Cyber Security Centre, is designed to address inconsistencies in how organisations implement and evidence security controls. By placing greater emphasis on clarity, consistency, and real-world application, the changes aim to ensure certification more accurately reflects your organisation's actual security posture.

Cyber Essentials already helps protect against the majority of common cyber threats. The “Danzell” update strengthens this further by ensuring those protections are:

  • Consistently applied.
  • Technically enforced.
  • Properly evidenced.

What the change means for your organisation

This isn’t just a technical update; it will directly impact how your organisation prepares for assessment, manages its environment, and maintains certification over time.

Here’s what that looks like in practice:

1. Stricter MFA requirements

What this means for your organisation: you’ll need to ensure MFA is consistently enforced across all critical systems, not just partially implemented.

  • MFA must be applied across remote access, cloud services, and admin accounts.
  • Gaps in coverage could lead to immediate assessment failures.
  • Informal or inconsistent MFA policies will no longer be sufficient.

2. Stronger scope validation

What this means for your organisation: if you’re not certifying your full organisation, you’ll need to clearly prove how systems are separated, and that separation is technically enforced.

  • Partial scope certifications will face significantly more scrutiny.
  • You must demonstrate segregation using controls like VLANs and firewalls.
  • Poorly defined scope boundaries could result in rejection or delays.

3. More rigorous assessments

What this means for your organisation: your responses will need to be detailed, accurate, and backed by real technical evidence, not high-level descriptions.

  • Assessors will challenge vague or unclear answers.
  • Generic responses are more likely to be rejected.
  • Internal teams may need more time and expertise to complete submissions properly.

Does this affect Cyber Essentials Plus?

Yes. The updates to Cyber Essentials Plus introduce a much stricter approach to testing and validation, particularly around patching and update management.

This closes a major loophole and ensures organisations can no longer rely on fixing issues in isolated areas.

1. Stricter patching validation

What this means for your organisation: you’ll need to ensure patching is applied consistently across your entire environment, not just the devices selected for testing.

  • Updating only sampled devices is no longer sufficient.
  • Vulnerabilities elsewhere in your estate can now directly impact your result.
  • Inconsistent patching processes will significantly increase the risk of failure.

2. Mandatory remediation and retesting

What this means for your organisation: if you fail the initial test, you’ll need to remediate issues quickly and be prepared for deeper scrutiny during retesting.

  • Failed devices must be fixed before reassessment.
  • Retesting will include both the original sample and a new set of devices.
  • This increases pressure on internal teams to respond quickly and effectively.

3. Higher risk of full certification failure

What this means for your organisation: failing the second test doesn’t just impact Cyber Essentials Plus; it can result in losing your Cyber Essentials certification entirely.

  • A second failure leads to a full CE+ failure.
  • Your verified Cyber Essentials certificate might be revoked.
  • This could impact contracts, compliance status, and customer trust.

How to prepare for the new update

Preparing for Cyber Essentials under the new “Danzell” standard requires more than just understanding the requirements; it requires confidence that your controls are consistently applied and effectively evidenced.

A structured, proactive approach can help you to adapt to the changes and reduce the risk of delays or failed assessments.

1. Identify gaps early

Start by building a clear picture of your current environment and where gaps may exist.

  • Assess MFA coverage across all critical systems.
  • Review patching consistency across your full estate.
  • Validate scope definitions and segmentation controls.

Identifying gaps early allows you to prioritise actions and avoid last-minute remediation.

2. Strengthen and standardise controls

The updated standard places greater emphasis on consistency across your environment.

  • Ensure controls are applied uniformly, not selectively.
  • Reduce reliance on manual or ad hoc processes.
  • Align policies with actual technical implementation.

This is particularly important for access controls and patch management.

3. Improve evidence and response quality

With more rigorous assessments, how you present your controls matters as much as the controls themselves.

  • Provide clear, specific, and technically accurate responses.
  • Avoid vague or generic statements.
  • Ensure documentation reflects real-world configurations.

This helps minimise back-and-forth during the assessment.

4. Prepare for end-to-end validation (CE+)

For Cyber Essentials Plus, preparation must go beyond policy into operational readiness.

  • Apply patching consistently across all devices.
  • Be ready to remediate and retest quickly if needed.
  • Validate controls internally before formal assessment.

This reduces the risk of failure during testing and retesting stages.

Why your organisation should still aim for Cyber Essentials and Cyber Essentials Plus

Despite the introduction of stricter requirements, Cyber Essentials remains a highly valuable certification for your organisation. It provides a recognised UK Government-backed standard that demonstrates you have implemented essential cyber security controls to protect against common threats. Achieving certification helps reduce risk, supports eligibility for public sector and supply chain contracts, and strengthens trust with customers, suppliers, investors, and stakeholders.

Cyber Essentials Plus adds an additional layer of independent technical validation, giving external assurance that your controls are not only documented but tested in practice. Beyond the certification itself, the process encourages stronger internal practices around MFA, patch management, and network segmentation, helping to improve your overall security posture in a structured and measurable way.

Need some help?

The updated Cyber Essentials requirements represent a natural evolution of the scheme, placing greater emphasis on consistency, evidence, and real-world security outcomes.

Our cyber team can guide your organisation through the steps to accreditation with minimal disruption, whether you are upgrading from Cyber Essentials or looking to complete the full pathway that includes both Cyber Essentials and Cyber Essentials Plus certification.

We will support you throughout the entire process and remain available to answer any questions, helping you navigate the updated requirements with clarity and confidence. See our full certifications here.

Wavenet is an IASME-accredited provider and a Certifying Body for the Cyber Essentials programme. This means we can conduct your assessment, report the outcome to the scheme administrators (IASME), and ultimately issue the certificate when you pass.

By combining technical expertise across infrastructure, applications, and data with a practical, hands-on approach, we help you identify gaps, implement the right controls, and approach certification fully prepared for the updated requirements.
