- Virtual CIO
What is a Virtual CIO and Does Your Business Need One?
22 Jan, 2026
Free Tool
Security Controls Gap Checker
Check your IT security controls against Cyber Essentials Plus requirements. Identify specific gaps and get a prioritised remediation checklist.
Your Security Controls
Tick each control you have in place. Unchecked items will be flagged as gaps in your Cyber Essentials Plus compliance.
1. Firewalls & Internet Gateways
2. Secure Configuration
3. User Access Control
4. Malware Protection
5. Patch Management
Cyber Essentials Plus Technical Requirements
| Control Area | Key Requirements | CE+ Test Method | Common Failures |
|---|---|---|---|
| Firewalls | Boundary config, host-based firewalls on all devices | External vulnerability scan | Open ports, default credentials |
| Secure Configuration | Hardened builds, no default passwords or unnecessary services | Authenticated scan, manual check | Default passwords, unnecessary services |
| Access Control | Least privilege, individual accounts, MFA on cloud | Account review, cloud service check | Shared accounts, excessive privileges |
| Malware Protection | Real-time protection, automatic updates, on-access scanning | Malware detection test | Outdated signatures, disabled scanning |
| Patch Management | 14-day critical patches, no end-of-life software | Vulnerability scan, version check | Missing patches, EOL software |
Based on the NCSC Cyber Essentials Plus requirements. This tool provides guidance only and does not guarantee certification. Contact Cloudswitched for professional CE+ certification support.
More Free Tools
Try our other free security assessments and IT planning tools.