Cyber Essentials Grace Period Extended

6 Jan 2023

Cyber Essentials has extended the certification grace period to April 2023 to coincide with the next technical requirements refresh.

In January 2022, the National Cyber Security Centre (NCSC) announced an update of the Cyber Essentials technical controls.

At the time, organisations looking to be assessed against the new standards were given a grace period of up to 12 months for some of the requirements. This grace period was due to end in January 2023.

The decision has now been made to extend the grace period for a further three months until April 2023. The new deadline will coincide with the next, light touch, update to Cyber Essentials’ technical requirements.

Forthcoming update to Cyber Essentials

The April 2023 update to the Cyber Essentials technical requirements will focus largely on a series of clarifications. It will, however, also include important new guidance around:

    what falls under the scope of ‘firmware’
    third party devices
    device unlocking
    malware protection
    zero trust architecture in the context of achieving Cyber Essentials
    the importance of asset management.

 The National Cyber Security Centre (NCSC) aims to announce the full update of the requirements in January, ahead of the go-live in April 2023.

Find out more about Cyber Essentials from the NCSC website.

LoughTec Cyber Security Company offers the right level of support to businesses to help them achieve their Cyber Essentials certification. No hidden costs, just a market-leading offer.

If you are interested in learning more, get in touch with LoughTec today, who will guide you through the process of getting Cyber Essentials certified. Email info@loughtec.com or call 028 8225 2445.