Why get Cyber Essentials Plus certified?

28/11/23 Wavenet
Why get Cyber Essentials Plus certified?

The direct cost, recovery cost and long-term cost of security breaches are growing year-on-year. According to the 2022 Cyber Security Breaches Survey, 39% of UK businesses identified a cyber security breach or attack with the average cost of a data breach being between £4,200 and £19,400. 

Achieving a Cyber Essentials accreditation is a great framework to address the basics of cyber security, but is it enough? Once achieved, you certainly need to be thinking about the next level of your cyber security strategy and the Government-backed Cyber Essentials Plus accreditation offers businesses the opportunity to do this. Industry experts, including the National Cyber Security Centre (an independent organisation), all agree that the benefits of upgrading to Cyber Essentials Plus are too good to ignore. 

What is the difference between Cyber Essentials and Cyber Essentials Plus? 

Whether you are working towards your Cyber Essentials or your Cyber Essentials Plus accreditation, it is all about how your business is adhering to a set of requirements that an independent, government-backed, certified body deems appropriate. The same list of requirements is needed for both accreditations; however, the real difference lies in how you are assessed on these requirements. 

Cyber Essentials is a self-assessment on how you are adhering to cyber security procedures. 

Cyber Essentials Plus is more in-depth and involves an independent external certified body examining your cyber security. This can be done via simulated phishing attacks and basic hacking procedures to confirm that you are adhering to the set of security requirements needed. To complete the assessment, you will also need to pass a final technical audit. 

In theory, if you have passed your Cyber Essentials accreditation and are adhering to all the agreed requirements, then there is no reason you should not pass your Cyber Essentials Plus accreditation. 

It may sound like there is a lot more effort required to achieve a Cyber Essentials Plus certification, but the benefits are huge. 

Why that “plus” makes all the difference

There are many reasons why you should upgrade to Cyber Essentials Plus, and this can depend on your business’s motivations. 

A key reason for the upgraded certification is so that you, as a business, are highlighting the fact that you take security and data protection seriously. With cyber-attacks constantly in the news, having a strong stance on cyber security is a much-needed virtue in today’s modern business world. 

This has a direct impact on another crucial factor to consider which is whether to upgrade your certification. If you are demonstrating that security and data protection is taken seriously within your organisation then this puts your company in an advantageous position when bidding for new contracts, suppliers, or tenders. The same survey highlighted that 84% of businesses found that having this accreditation made it easier for them to win contracts. Imagine one of your prospects has gone to tender and security is a key factor for them. If your competitor has Cyber Essentials and you are Cyber Essentials Plus accredited, who would you choose? 

Another significant reason to upgrade is for peace of mind that you are demonstrating the highest cyber security standards internally. Cyber Essentials Plus encompasses a far greater number of cyber assessments, thereby providing you with a better understanding of your own organisation’s levels of cyber risk. Your business is only as secure as your internal security policies. It is extremely easy to complete a self-assessment form stating you are adhering to cyber security protocols, but having your protocols evaluated by an external body can give you peace of mind that you’ve taken the extra steps needed to be cyber-secure. 

And finally, Cyber Essentials Plus may not be a desire for your business, but a necessity. Businesses within certain industries (Health, Telecoms etc.) are now required to obtain Cyber Essentials Plus certification. Whilst Cyber Essentials allows organisations to work with the Government, a Cyber Essentials Plus accreditation can open your business to new markets such as the opportunity to work with the MOD. 

Advice on how to pass Cyber Essentials Plus… 

It may seem hard to achieve but we are on hand to guide and offer advice on how to pass Cyber Essentials Plus first time. 

As independent assessors who offer Cyber Essentials Plus, we have experience of working with a wide variety of organisations, going through the same process daily. 

As with anything in life, you get out what you put in, and nothing could be truer with Cyber Essentials Plus. The more preparation you put in, the more likely you are to pass. On average, it takes seven days to achieve and if you do fail, you must start right back at the beginning. 

Repeatedly, we see businesses take time out to prepare for the assessment and pass first time. However, we have also seen overconfident and ill-prepared organisations who fail, which wastes company time and money. 

To summarise in one word the key to passing Cyber Essentials Plus: Preparation. 

How Wavenet CyberGuard can help… 

With organisations keen to adhere to cyber security regulations, there is no better time to upgrade your Cyber Essentials accreditation to a Cyber Essentials Plus certification. 

CyberGuard Technologies - a division of Wavenet, a company that has been in business for over 20years and understands the industry - can offer help and guidance on the best practices of being cyber-secure. 

Our cyber team can guide your business through the steps to accreditation with minimal fuss, whether that is upgrading from Cyber Essentials or our whole package which includes Cyber Essentials and Cyber Essentials Plus certification. 

We will assist you through the entire process and will be on hand to help you with any questions you may have. Once you’ve passed the Cyber Essentials Plus accreditation, you’ll be able to display the Cyber Essentials Plus logo on your website and marketing literature to demonstrate to your customers, suppliers, investors and stakeholders that your organisation is taking the advanced steps to protect your business from cyber threats and that you take cyber security seriously.

Cyber Security

Latest blogs

See all posts
A happy house tenant is using an app on her phone to report a home issue to her housing provider
From risk to resolution: how Active Assessor helps you stay ahead of Awaab's Law

What does Awaab's Law mean and why does it matter? Damp and mould aren’t just inconvenient maintenance problems - they’re serious risks to tenant health, regulatory compliance, and the reputation of housing providers. Nearly 1 in 7 social homes in England failed to meet the Decent Homes Standard in 2023¹. On top of that, the NHS is estimated to spend £1.4 billion a year treating health issues related to cold, damp housing². And yet, more than half of tenants experiencing condensation, damp or mould don’t report it. Often, they don’t recognise the early signs, or they simply don’t believe they’ll be taken seriously. This silence leaves landlords in the dark and turns small, fixable issues into expensive, high-risk problems. The tragic death of Awaab Ishak in 2020 brought national attention to the dangers of mould in social housing. In response, Awaab’s Law was introduced in 2023, significantly raising the bar for housing providers. Under the new legislation, social landlords must investigate hazards like damp and mould within 14 days, begin necessary repairs within 7 days, and complete the work within 21 days. This has turned what was once a service expectation into a legal requirement. But with so many issues going unreported, housing providers are left vulnerable. Failing to detect or act on early signs doesn’t just put tenants at risk—it can now result in legal and reputational consequences. The Challenge: Strained Teams & Outdated Systems Most housing providers care deeply about tenant safety. The problem isn’t willingness—it’s capacity. Maintenance teams, IT departments, and customer contact centres are already stretched thin. Spotting early-stage issues requires tools they simply don’t have. Traditional, manual inspections are expensive and slow. Reactive workflows leave little room to get ahead of problems. And despite growing demand for proactive service, only 13% of customers actually receive it. The systems many teams rely on today are fragmented, outdated, and not fit for the pressures of a post-Awaab world. The Solution: Active Assessor by 8x8

Read more
Placeholder thumbnail
Is your construction business prepared for the PSTN switch-off?

Getting your construction business ready for the PSTN switch-off

Read more
Placeholder thumbnail
There's more to the PSTN switch-off than meets the eye

What is the PSTN switch-off? The impending PSTN (Public Switched Telephone Network) switch-off isn’t just about replacing traditional lines. It’s a seismic shift that impacts far more than most realise – and if you’re not prepared, it could cost your business dearly. Most companies are aware that traditional analogue lines and ISDN systems for calls and broadband are being phased out by January 2027. But what many don’t see is the vast ripple effect of this transition – touching everything from lifts to life-critical systems, cash machines, and even traffic lights. What does the PSTN switch-off mean in simple terms? When it comes to the PSTN switch-off, it’s easy to think that it is just about phone lines. But the truth is, it’s much more complex. Here is what’s at stake: Life-saving systems: fire alarms, major medical and safety devices, emergency alarms in care homes, emergency pendants, telemetry services monitoring boiler rooms, dams, sluice gates, and substations. Public infrastructure: traffic lights, bus stops, speed cameras, and traffic management systems. Business-critical devices: PDQ and payment terminals, ATMS, CCTV, video surveillance, door entry, security systems, and remote access points. Transport & emergency services: roadside AA/RAC recovery alerts and devices, and emergency phone lines in hazardous environments. Telecommunications & internet: leased lines, private networking facilities, dial-up lines, broadband DSL services, and international leased lines. Community & public services: emergency teams and vehicles, payphones, modems, industrial control, public alerts, and more. If every one of these vital systems suddenly loses connectivity – chaos, downtime, and danger could follow. The possible business impact of the PSTN switch-off could be financial losses, public safety risks and erosion of customer trust. The PSTN switch-off is a vital business resilience issue – the time to act is now Unlike many providers who may focus on the obvious, we see what others miss. Our team dives beneath the surface, examining your entire network ecosystem to identify what’s at risk when the PSTN switches off. We have mapped out the hidden web of critical systems that rely on legacy infrastructure – and yes, we’ve prepared solutions for each one. Check out our iceberg infographic to see a quick glance of the PSTN switch-off picture. The switch-off is just the tip of the iceberg. Without planning, your operations could face catastrophic disruption. Don’t let your business be caught unaware. Reach out today for an in-depth assessment, and explore solutions tailored to your critical systems. Because when it comes to the PSTN switch-off, we see beyond the iceberg – and help your business stay afloat.

Read more
Placeholder thumbnail
What will happen to businesses when landlines go digital?

Preparing your business for the WLR switch-off and ensuring a smooth transition Most businesses currently rely on traditional analogue lines, ISDN, or broadband connected through Wholesale Line Rental (WLR) – the infrastructure powering your calls, data, security systems, and more. But the truth is, the WLR switch-off is on the horizon – and it’s affecting businesses in ways they might not be expecting. It’s not just about telephony! Do you really know what your WLR lines are powering? And what your options are? The countdown is on - Openreach’s deadline to shut down traditional analogue phone lines, ISDN, broadband, and other vital WLR-connected services is January 2027 (or even sooner). If you’re not fully prepared, your business could face serious disruption: Your phones may stop ringing, cutting off essential customer contact Lifts and critical facilities could cease functioning Broadband and internet services might go offline unexpectedly Your customers’ access to your services could be lost What exactly are your WLR lines powering? Many businesses don’t realise just how much relies on their existing WLR lines and traditional networks. The PSTN and WLR include more than just voice calls; they power card payment terminals, security alarms, lift controls, entry systems, CCTV, emergency systems, and many other critical business operations. Without a clear understanding of which lines are used for what, you risk missing vital services during the switch-over. Managing large estates or multiple sites makes this even trickier – you may be unaware of what lines you have, what they’re used for, where they’re located, or what they are connected to, creating a significant business risk. What do you do when landlines go digital? Don’t wait until disruption strikes. The earlier you identify your current setup and plan your migration, the smoother and more secure your transition will be. Download our free WLR Audit Factsheet – a straightforward guide to show you how we can help. Stay ahead of the clock. Take control now to ensure your business’s ongoing communications and critical services remain unaffected. Visit wavenet.co.uk/pstn-switch-off  for more information. 

Read more
Placeholder thumbnail
What is the WLR switch-off?

The WLR switch-off roadmap The countdown has begun – are you prepared? The WLF (Wholesale Line Rental) switch-off is already underway, and by January 2027, all traditional PSTN and ISDN lines will be switched off. Doing nothing isn’t an option anymore. Without action, your vital communications could face disruption, affecting your business operations and customer service. Why act now for the WLR switch-off? This isn’t just a technical upgrade – it’s a chance to transform your communication infrastructure into a reliable, feature-rich, all-IP network. Moving to an all-IP network unlocks better reliability, feature-rich communication, and future-proof capabilities that keep your business connected and competitive in a digital-first world. Your WLR switch-off migration journey starts here Switching to an all-IP solution is easier than you think. We help you assess your current setup and craft a tailored plan for a smooth, seamless migration. Options include: FTTP & SOGEA: Super-fast dedicated internet for unbeatable connectivity IP Voice & Hosted Voice: Flexible, scalable telephony solutions for modern communication UC Applications: Boost collaboration across your team, anywhere, anytime SIP Trunking: Cost-effective, reliable connectivity that scales with your needs Future-proof your business today Migrating early minimises disruption and unlocks new operational efficiencies. An all-IP network offers smoother communication, advanced features, and easier management, so you stay ahead in today’s digital economy. Be prepared for the WLR switch-off Ready to make the switch? We’ve got the perfect resource to help you stay ahead: our visual quick guide on the Openreach switch-off schedule. It’s a simple, clear, and easy-to-follow overview that helps you understand the timeline and plan your migration effectively. Download the WLR Switch-off Guide now and get your WLR migration plan on track. Be proactive and secure your business’s future communications today! Visit wavenet.co.uk/pstn-switch-off for more information.

Read more
Placeholder thumbnail
Is your healthcare organisation ready for the PSTN switch-off?

Preparing healthcare organisations for the PSTN switch-off

Read more

Stay service-savvy

Get all the latest news and insights straight to your inbox.