2023 Cyber Essentials Changes

Share This Post

The Cyber Essentials framework is a cyber security framework that we recommend to all our clients. It covers the most basic security measures you should have in place within your business. 

Cyber Essentials does get some negative reviews; this is because it is basic and only covers the essentials. This does, however, appeal to small businesses that need to gain the knowledge to develop complex cybersecurity solutions, and they also don’t often have the budget. Cyber Essentials ensures that they have the bare minimum security in place and can repel basic cyberattacks. 

This Framework is not going to protect you if more advanced cybercriminals decide to target your business. It is also missing a few important parts to being cyber secure. However, it is a start, and if you want to work with local authorities or government organisations, you must have the Cyber Essential Certification.  

Back in January 2022, the Cyber Essentials framework had a makeover. It was the most substantial change since its introduction in 2014. In addition, new controls were introduced, and you can learn all about them HERE.

Two changes were:

These were expected to be done and sorted out by businesses before January 2023 and announced 12 months in advance in order to give businesses time to adjust. These updates are not massive shake-ups of the certification, but there will be clarification on certain aspects of the controls. 

In April of 2023, a few more changes will be made to the Cyber Essentials qualification. These developments to the checklist regularly ensure that the security of your business is kept up to date with modern threats and provide solutions to the pre-existing guidelines so that you can ensure your business works best with the Qualification and has the best base layer f protection from cybercrime. 

Third-Party/ Subcontractors

Integral IT has seen a surge of businesses employing subcontractors rather than those on their own payroll. These subcontractors often prefer to use their own devices, such as laptops ad PCs. Therefore, guidance will be put in place on how to deal with this on a cyber essentials level. 


Firmware is a software update for hardware. This could include updates for printers or firewalls. Previously, Cyber Essentials stated you had to ensure that all Firmware has the most up-to-date version. However, This was causing a few issues. This is, therefore, getting loosened, and you only have to ensure your router firewall framework is up to date. 

Anti-virus Software

Cyber Essentials is evolving as security software gets more sophisticated. Up until now, the only antivirus that was checked was file-based antivirus. This is due o change in April. 

The changes with the 12-month warning that we discussed earlier were announced in January 2022 and were initially scheduled to come out the following January. However, with other changes occurring in April, Cyber essentials Pushed the updates back. 

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

How to use Microsoft to do

The ULTIMATE Microsoft To Do Tutorial

How do you handle your to-do lists? Do you write tasks on scraps of paper? Or do you pop them in a notebook? Perhaps you have a digital application such as Todoist!  If you’re a Microsoft 365 user, you already pay for a task management system! It is called Microsoft To Do.  We all have

Zero Trust Holy Grail

Is Zero Trust Security The Holy Grail OF Cyber Security?

USA president, Joe Biden, thinks that Zero Trust is the way to go in your cyber security journey, but, what is Zero Trust, and what does it mean for your business?  When it comes to your business, I’m sure you’ve got a strategy in place for how you’re going to win new business, market your

Scroll to Top