Yes, the Cyber Essentials Scheme was updated on 28 April 2025 to reflect the evolving nature of cyber threats (increasing adoption of cloud services) and our changing working practices, (particularly the trend towards home working and hybrid working).
With these changes, Cyber Essentials is placing greater emphasis on certain security controls, such as the use of multi-factor authentication, password management and the need to apply ‘critical’ or ‘high-risk’ software update fixes within 14 days of release.
URM has written a blog Cyber Essentials – What’s Changing in 2025? summarising all of the changes that were made to the scheme and addresses questions such as:
- What Were The Key Changes?
- What Changes Will I See When Completing The Questionnaire?
- Were Any Changes Made To Cyber Essentials Plus?
We are extremely grateful for the outstanding support the URM Team provided throughout our Cyber Essentials and Cyber Essentials Plus journey. Their professionalism, technical expertise, and pragmatic guidance were key to our successful certification. We would like to call out a personal thanks to our assessor, who was particularly impressive throughout. From the initial assessment through remediation and validation, he demonstrated clear expertise, practical recommendations, and strong communication. This, coupled with his thoroughness, responsiveness, and collaborative approach, made the process efficient for our whole team.
Aerospace and defence engineering company
Do you know where your greatest vulnerabilities sit?
Find out through a Cyber Security Headline Assessment
Find out more
related BLog
Understanding Defence Cyber Certification (DCC)
Published on
29 May
2026
URM’s blog explains how the DCC works, who needs it, the benefits of certification, with clear guidance on how to approach compliance and avoid common mistakes.
Read more
Cyber Security
Published on
22/5/2026
Cyber Security and the Board: The UK Cyber Resilience Pledge in FocusURM’s blog explains the purpose, structure and content of the Government’s new Cyber Resilience Pledge, and what it means for organisations across the UK.
Read more
Cyber Security
Published on
16/4/2026
Mitigating Cyber Risks: Why Cyber Essentials Matters More Than EverURM’s blog highlights the growing threat to cyber security in the UK and the importance of the Cyber Essentials scheme in mitigating these risks.
Read more
Cyber Security
Published on
16/4/2026
Cyber Essentials Requirements UpdateURM’s blog breaks down the latest changes to the Cyber Essentials requirements and outlines why these updates matter for organisations seeking certification.
Read more
"
The guidance and support we’ve received from URM during the process for both certifications have been exceptional, putting us at ease and providing clear and concise explanations and advice to ensure we met all the necessary requirements. We would not hesitate to recommend them.
contact US
Let us help you
Let us help you in your compliance journey by completing the form and letting us know how we can best support you.