Case Study – Cyber Essentials Plus

Our client is a rubber moulding business with 80 plus employees, working across many different industries including aerospace, defence, nuclear energy, and prestige automotive.

When conducting our initial consultation during the onboarding process with the client they mentioned that they now required the extended Plus certification for Cyber Essentials (CE+), whereas in previous years they only required the standard certification. They required our assistance with implemented remediations that were discovered during a pre-scan assessment. This is because they were using software that had become end-of-life, and they had not had server maintenance performed by their previous IT provider for almost two years!

We collaborated closely with the auditor to understand the specific requirements and necessary remediations. Using our patch management system, we conducted remote remediations where possible, which included registry fixes and scheduling Windows updates for all end-user machines to ensure they were up-to-date. Additionally, we decommissioned a server and several outdated machines running end-of-life operating systems.

To address the remaining issues, we performed onsite work to access all machines, initially identifying around 700 individual issues that needed resolution. As we progressed, we worked systematically to resolve these issues and maintained regular communication with the auditor, discussing ongoing remediation needs and troubleshooting any remaining issues. Our efforts paid off, and the client successfully achieved Cyber Essentials Plus certification.

The client now enjoys enhanced cybersecurity compliance, with a clear plan to maintain updates to make the certification process smoother in the future. This case study showcases our expertise in managing complex cybersecurity remediation projects and achieving critical compliance for our clients.

We had a great response from their Business Intelligence Manager who was very thankful for the help we provided as he was the one who previously had to try and resolve multiple years of IT neglect from previous providers before they found us!