Has The Cyber Essentials scheme been updated?

Yes, the Cyber Essentials Scheme was updated on 28 April 2025 to reflect the evolving nature of cyber threats (increasing adoption of cloud services) and our changing working practices, (particularly the trend towards home working and hybrid working).

With these changes, Cyber Essentials is placing greater emphasis on certain security controls, such as the use of multi-factor authentication, password management and the need to apply ‘critical’ or ‘high-risk’ software update fixes within 14 days of release.

URM has written a blog Cyber Essentials – What’s Changing in 2025? summarising all of the changes that were made to the scheme and addresses questions such as:

  • What Were The Key Changes?
  • What Changes Will I See When Completing The Questionnaire?
  • Were Any Changes Made To Cyber Essentials Plus?
URM’s in-depth knowledge of cybersecurity best practices and the Cyber Essentials framework helped us strengthen both ours and our client’s security posture while ensuring full compliance. Their consultants were professional, approachable, and incredibly thorough, offering practical advice tailored to the specific needs. The Cyber Essentials Plus assessment was conducted with great efficiency, and URM’s supportive approach meant we felt well-prepared at every stage. Thanks to their expertise, we successfully achieved certification for us and our clients, giving us (and our clients) greater confidence in our cybersecurity resilience.
IT support company
Apply for Cyber Essentials certificate

Supplementing Cyber Essentials

Published on
11 Jul
2025

URM’s blog outlines the practical measures you can take following Cyber Essentials certification to further enhance your information & cyber security posture.

Read more
Thumbnail of the Blog Illustration
Cyber Security
Published on
3/7/2025
Understanding Lexcel and the Specialist Quality Mark (SQM): How Cyber Essentials Can Benefit Your Practice

URM’s blog explores how Cyber Essentials can help your legal practice enhance its security posture and achieve/maintain its SQM or Lexcel accreditation.

Read more
Thumbnail of the Blog Illustration
Cyber Security
Published on
26/6/2025
Cyber Essentials Questions Answered: Technical Requirements, BYOD Compliance and the Future of the Scheme

URM’s blog answers key questions about CE, focusing specifically on its technical requirements, use of BYOD, and how the scheme may change in the future.

Read more
Thumbnail of the Blog Illustration
Cyber Security
Published on
16/6/2025
Lexcel: Deconstructing Your Information Management and Security Policy

URM explains each control law firms must include in an information management and security policy that complies with the Lexcel Practice Management Standard.

Read more
"
We have just received the CE+ certificate and notification that we have passed; we wanted to thank our assessor for all his help with this. It is greatly appreciated. I know that our team is very grateful as they were expecting the process to be difficult. Instead of being difficult, URM’s assessor made it a smooth process and we have all learned a lot
contact US

Let us help you

Let us help you in your compliance journey by completing the form and letting us know how we can best support you.