top of page

Embark on your journey to Cyber Essentials and Cyber Essentials Plus certifications with Kris Hermans' comprehensive guide.


Achieving Cyber Essentials certification is a significant step towards demonstrating your organization's commitment to cybersecurity. Kris Hermans, a recognized authority in cybersecurity, offers a definitive resource for understanding the certification process and successfully achieving these important credentials.

Mastering Cyber Essentials

  • 1. Introduction

    • Understanding Cyber Essentials
    • The Importance of Cyber security

    2. Cyber Essentials: The Essentials

    • Overview of Cyber Essentials and Cyber Essentials Plus
    • Benefits of Cyber Essentials Certification
    • The Five Key Controls

    3. Starting Your Cyber Essentials Journey

    • Assessing Your Current Situation
    • Building a Cyber Essentials Implementation Team
    • Developing an Implementation Roadmap

    4. Control 1: Secure Configuration

    • Securing Hardware and Software
    • Implementing Configuration Management
    • Patch Management
    • System Hardening

    5. Control 2: Boundary Firewalls and Internet Gateways

    • Understanding Firewalls and Internet Gateways
    • Configuring Firewalls and Gateways
    • Monitoring and Maintenance

    6. Control 3: Access Control and Privilege Management

    • Implementing Access Control Policies
    • Managing User Accounts
    • Privileged Account Management
    • Monitoring and Reviewing Access Controls

    7. Control 4: Malware Protection

    • Types of Malware and Threats
    • Anti-Malware Software and Tools
    • Regular Scanning and Updating
    • User Education and Awareness

    8. Control 5: Patch Management

    • The Importance of Patch Management
    • Identifying and Prioritizing Patches
    • Patch Deployment and Verification
    • Patch Management Tools

    9. Cyber Essentials Plus

    • Understanding the Differences between Cyber Essentials and Cyber Essentials Plus
    • The Assessment Process
    • Preparing for a Cyber Essentials Plus Assessment

    10. Employee Training and Awareness

    • Establishing a Cybersecurity Training Program
    • Training Content and Frequency
    • Measuring Training Success

    11. Incident Management and Response

    • Developing an Incident Response Plan
    • Incident Reporting and Escalation
    • Post-Incident Review and Lessons Learned

    12. Continuous Improvement

    • Identifying Opportunities for Improvement
    • Implementing Changes and Updates
    • Monitoring and Reviewing Cybersecurity Practices

    13. Certification and Accreditation

    • Selecting a Certification Body
    • Preparing for the Cyber Essentials Assessment
    • Maintaining Certification

    14. Tools and Resources for Cyber Essentials Implementation

    • Cybersecurity Software Solutions
    • External Cyber Essentials Consultants and Services
    • Cyber Essentials Templates and Checklists

    15. Conclusion

    • Building a Cybersecure Culture
    • Beyond Cyber Essentials: Other Security Standards and Frameworks
    • The Future of Cybersecurity

    16. About the author

bottom of page