The challenge
The client needed Cyber Essentials to satisfy contract and supply-chain requirements, but a first look revealed gaps across MFA, patching, device configuration and account management, the kind of issues that fail the assessment.
What we did
- Assessed the estate against all five Cyber Essentials control themes
- Closed MFA and account-management gaps and tightened access
- Brought patching and device configuration up to the required standard
- Prepared the evidence and completed the self-assessment questionnaire
- Guided the client through to Cyber Essentials certification
The results
- Cyber Essentials certified, meeting the contract requirements
- A measurably improved baseline security posture, not just a certificate
- A clear path to maintain the controls through to annual renewal
