The Danzell question set comes into effect on 27 April 2026, alongside an updated Cyber Essentials Plus test specification. This blog explains how assessors will more strictly verify update management compliance in Cyber Essentials Plus assessments using the Danzell question set. IASME has identified cases where organisations apply selective updates during assessments. To address this, […]
In today’s digital-first education world, cyber threats are more real than ever. Schools, colleges, and universities depend heavily on technology — from managing admin systems to delivering online learning. But with this reliance comes risk. Educational institutions hold vast amounts of sensitive data about students, staff, and finances, making them a prime target for cybercriminals. […]
Cyber Essentials Plus: How Assessors Verify your Scope When organisations prepare for a Cyber Essentials Plus (CE+) assessment, most attention naturally focuses on patching, endpoint protection, and firewall configurations. Yet one of the first and most decisive topics an assessor will examine is something far more foundational: scope. Before any technical testing begins, the assessor […]
We wanted to provide a bit of clarification around web browser support and how this is assessed as part of a Cyber Essentials submission. Browser support cycles When a software vendor states that only the current major release, or the current plus the immediately previous release, is supported for security updates and vulnerability fixes, any browser versions older than this are considered unsupported software. If unsupported browser versions are […]
Author: Joy Findlay, Cyber Essentials assessor Why Cyber Essentials and Cyber Essentials Plus Matter for the Education Sector In today’s digital-first education world, cyber threats are more real than ever. Schools, colleges, and universities depend heavily on technology, from managing admin systems to delivering online learning. But with this reliance comes risk. Educational institutions hold […]
As part of our Cyber Security Awareness month campaign. Translating Cyber Risk for the Boardroom In today’s academic environments, educational institutions are evolving at pace , embracing cloud technologies, hybrid (blended) learning, digital assessments, and complex student information systems. But this digital leap also brings an alarming rise in cyber threats. From ransomware attacks, to […]
A Hitch-Hacker’s Guide to the Galaxy – Developing a Cyber Security Roadmap for Executive Leaders In this blog series, I am looking at steps that your organisation can take to build a roadmap for navigating the complex world of cyber security and improving your cyber security posture. There’s plenty of technical advice out there for […]
Part two: Turning obligation into opportunity Author: Sonia Davies, licensing portfolio specialist, Jisc. Now you’ve laid the groundwork with software discovery and reconciliation, the next phase is where things get strategic. This blog dives into how consolidating compliance across your institution not only streamlines operations but also opens the door to greater control, cost savings, and […]
A Hitch-Hacker’s Guide to the Galaxy – Developing a Cyber Security Roadmap for Executive Leaders In this blog series, I am looking at steps that your organisation can take to build a roadmap for navigating the complex world of cyber security and improving your cyber security posture. There’s plenty of technical advice out there for […]
A Hitch-Hacker’s Guide to the Galaxy – Developing a Cyber Security Roadmap for Executive Leaders In this blog series, I am looking at steps that your organisation can take to build a roadmap for navigating the complex world of cyber security and improving your cyber security posture. There’s plenty of technical advice out there for […]