MTD Ltd renews Cyber Essentials Plus for 2025

Successfully gaining Cyber Essentials in 2023 and 2024, leading UK manufacturer, MTD Ltd (Midland Tool & Design Ltd) were confident the business was well placed to achieve the highly coveted Cyber Essentials Plus certification again in 2025.

UK manufacturer reaffirms security standards with Cyber Essentials Plus certification renewal

Having successfully achieved Cyber Essentials Certification in both 2023 and 2024, leading UK manufacturer MTD Ltd (Midland Tool & Design Ltd) felt confident that the business was well-positioned to secure the highly sought-after Cyber Essentials Plus certification.

Cybercriminals see thriving businesses as prime targets. By gaining unauthorised access to company accounts, they can steal crucial information, including employee credentials, corporate data, and financial records. These well-organised criminals exploit the weaknesses of unprepared, vulnerable organisations.

As such, it is crucial businesses of all sizes adopt solid pro-active IT security practices.

Ransomware, malware, phishing, and identity theft cases are becoming more widespread. Potential clients want reassurance that they are working with providers that have adequate security measures in place.

A key identifier of a security-savvy customer or supplier is the presence of Cyber Essentials accreditations.

MTD Ltd (Midland Tool & Design Ltd), a Midlands-based manufacturer specialising in electrified solutions, supplies industries such as Aerospace, Automotive, Power Generation, Medical, and Defence worldwide. Known for their security-first approach, the company has earned respect across the industry. After achieving Cyber Essentials certification in 2023 and 2024 with the support of Redloft Technology, MTD Ltd decided to further solidify its reputation as a security-conscious business by pursuing Cyber Essentials Plus certification in 2025.

Why Cyber Essentials Plus

Cyber Essentials Plus expands upon the Cyber Essentials Verified Self-Assessment and includes a rigorous external audit of the organisation’s IT systems. Supported by the UK government and National Cyber Security Centre (NCSC), the aim of the audit is to confirm that all controls declared in Cyber Essentials are implemented on the organisation’s network.

Darren Booton, Managing Director at MTD Ltd (Midland Tool & Design Ltd), explains the company’s decision to apply for Cyber Essentials Plus with the assistance of Redloft Technology. “The Cyber Essentials certification we achieved last year positioned MTD Ltd as a go-to supplier for clients in the automotive and aerospace industry as well as UK government. These high-profile customers seek suppliers who can demonstrate cyber security of the highest level. Our customers are increasingly required by their supply chains to be basic Cyber Essentials certified at a minimum.”

Darren continues, “Redloft Technology successfully guided us through the original Cyber Essentials process. The level of knowledge and understanding their consultants hold around Cyber security is immense. Having worked with Redloft for several years, their consultants have a very good understanding of our business processes and IT infrastructure. We knew they were the only company we would trust to help us through the Cyber Essentials Plus certification.”

Key benefits of Cyber Security Plus

Barry Mansell, Senior Cloud Consultant at Redloft Technology shares some of the benefits of obtaining Cyber Essentials Plus. “To achieve Cyber Essentials Plus, assessors audit the business’s IT system to check that what was detailed in Cyber Essentials has been appropriately implemented. By obtaining Cyber Essentials Plus, a business can publicly declare that they have passed this stringent audit and are proven to meet baseline security standards set out by Cyber Essentials. The benefits include the prevention of approximately 80% of cyber-attacks; improved supply chain security; a USP for winning new business; the ability to work with the UK government; and assures stakeholders of the business commitment to data security.”

Darren adds, “Having your business assessed by an external source is daunting, especially as Cyber Essentials is so scrupulous. However, the Redloft team put us at ease with their preliminary checks and reassurance that everything was set appropriately, and as described. They helped us prepare for the basic accreditation which we passed without a hitch. Our highly enhanced security practices positioned us well for the higher-level certification. 

Having completed the thorough external assessment, MTD Ltd (Midland Tool & Design Ltd), were successfully certified with Cyber Essentials Plus.

Darren concludes, “We are delighted to have achieved Cyber Essentials Plus. The Cyber Essentials auditors truly leave no stone unturned; the audit is extremely thorough. The certification is a credit to our own employee buy-in, who take security extremely seriously and the expertise of the Redloft consultants advising and guiding us to fully compliant success.”

What does Cyber Essentials Plus involve?

There are five key elements of a Cyber Essentials Plus audit. These are summarised by Cyber Essentials (https://cyberessentials.online/cyber-essentials-plus) as:

• A sample of the organisation’s devices is selected, and an audit is conducted on each to ensure they are configured as set out in the scheme.

• These machines will be subjected to a vulnerability scan to confirm all patching and basic configuration is to an acceptable level.

• An external port scan of any internet facing IP addresses will be conducted to ensure no clear and obvious vulnerabilities or misconfigurations are present.

• The default email/internet browser will be tested to confirm how well configured they are to prevent execution of fake malicious files.

• Screenshots will be taken to use as evidence to show that the system is Cyber Essentials compliant.

Is your organisation certifiably cyber secure?

The 2023 Cyber Security Breaches Survey (https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2023/cyber-security-breaches-survey-2023) conducted by the UK government, found a staggering 32% of UK businesses and 24% of UK charities reported a cyber-attack in 2023. Sadly, this correlates with 67% of SMBs currently feeling that they do not have the in-house skills to deal with data breaches and more than half of the small-medium business surveyed having no formal cyber security strategy in place.

If you have concerns about your organisations IT security, are looking to implement more formal processes or would like to know more about Cyber Essentials, contact us today. Our business is securing your business.