Skip to content
Nebula ITNebula IT
  • About Nebula IT
    • About NebulaWho we are and what we stand for
    • The TeamStory, values, why we exist
    • InsightsNews, guides, expert thinking
    • EventsAll event information in one place
    • Our WorkProjects, partnerships, real outcomes
  • What We Do
    • Managed IT SupportHelpdesk, monitoring, peace of mind
    • Cyber ResilienceProtection, response, recovery
    • AI & AutomationCopilot, automation, efficiency
    • Cyber EssentialsCE to CE+, simplified
  • Who We Help
    • Charities & Non-ProfitsFunder compliance, nonprofit M365
    • MOD Supply ChainDDC, CE+
    • SMEsStrategic IT for growing teams
  • For Clients
    • Client PortalLog in to your support portal
    • CE ChecklistCheck your Cyber Essentials readiness
    • Cyber Resilience Self-AssessmentScore your resilience in 5 minutes
    • ResourcesWhite-papers, e-books
Contact UsBook IT Health Check
Nebula IT
01About Nebula IT
  • About NebulaWho we are and what we stand for
  • The TeamStory, values, why we exist
  • InsightsNews, guides, expert thinking
  • EventsAll event information in one place
  • Our WorkProjects, partnerships, real outcomes
02What We Do
  • Managed IT SupportHelpdesk, monitoring, peace of mind
  • Cyber ResilienceProtection, response, recovery
  • AI & AutomationCopilot, automation, efficiency
  • Cyber EssentialsCE to CE+, simplified
03Who We Help
  • Charities & Non-ProfitsFunder compliance, nonprofit M365
  • MOD Supply ChainDDC, CE+
  • SMEsStrategic IT for growing teams
04For Clients
  • Client PortalLog in to your support portal
  • CE ChecklistCheck your Cyber Essentials readiness
  • Cyber Resilience Self-AssessmentScore your resilience in 5 minutes
  • ResourcesWhite-papers, e-books
05Company
  • Contact Us
Book IT Health Check →

Home - Cyber Essentials Checklist

  • About Nebula IT
    • About Nebula
    • The Team
    • Insights
    • Events
    • Our Work
  • What We Do
    • Managed IT Support
    • Cyber Resilience
    • AI & Automation
    • Cyber Essentials
  • Who We Help
    • Charities & Non-Profits
    • MOD Supply Chain
    • SMEs
  • For Clients
    • Client Portal
    • CE Checklist
    • Cyber Resilience Self-Assessment
    • Resources
Nebula IT
Free · 2 minutes · No signup

Is your organisation ready for
Cyber Essentials v3.3?

The rules changed in April 2026 — and most businesses and charities don’t know it yet. New automatic-fail rules mean many organisations will fail their next assessment without realising it. Answer 10 quick questions and find out exactly where you stand.

10 questions · 2 minutes Instant score out of 100 Personalised gap report

Aligned to Cyber Essentials v3.3 (April 2026) · For SMEs, charities & non-profits

Step 1 of 11

9%
Does your organisation currently hold a valid Cyber Essentials certificate?(Required)
Cyber Essentials certificates last 12 months. If yours has expired it is no longer valid.
How does your team verify their identity when logging in to your systems?(Required)
Text message (SMS) codes are no longer accepted under v3.3. An authenticator app or passkey is now required.
Is secure login (MFA) switched on for every cloud service your organisation uses?(Required)
This includes email, storage, finance tools, HR systems — if MFA is available it must be enabled to pass v3.3.
Are your devices set to automatically install security updates?(Required)
This applies to laptops, desktops, phones, tablets and routers used by your organisation.
When a critical security update is released, how quickly does your organisation install it?(Required)
Under v3.3, critical updates must be installed within 14 days of release - this is an automatic fail if not met.
Have you listed all the cloud services your organisation uses?(Required)
Under v3.3 no cloud services can be excluded - email, storage, finance, CRM, and all online tools must be in scope.
Does your organisation have any old devices that can no longer receive security updates?(Required)
Devices running Windows 10 (end-of-life October 2025) that cannot upgrade to Windows 11 must be removed from your network.
Does your organisation back up its important data regularly to a separate location?(Required)
Backups should be stored separately from your main systems - ideally a secure cloud backup that can't be deleted if systems are attacked.
Have you ever tested that your backup can actually be restored?(Required)
An untested backup may not work when you need it. v3.3 explicitly emphasises backups as a critical protection that must be verified.
Do any of your clients, funders, or partners currently require Cyber Essentials certification?(Required)
Government bodies, larger clients, and grant-making organisations increasingly require Cyber Essentials as a condition of contract or funding.
Name(Required)
Consent(Required)
Explore · Evolve · Elevate

2, Nebula IT Services Ltd, Riverside Court, Bowling Hill, Chipping Sodbury, Bristol BS37 6JX

01454 534009

What we do

  • Managed IT Support
  • AI & Automation
  • Cyber Resilience
  • Cyber Essentials

Who we help

  • MOD Supply Chain
  • Charities & Non-Profits
  • SMEs

Resources

  • About Nebula IT
  • Privacy Policy
  • Cyber Resilience Self-Assessment
  • Cyber Essentials Checklist

© 2026 Nebula IT. All rights reserved.

Site by Nebula Design

We use cookies to measure marketing efforts and improve our services. Please review the cookie settings and confirm your choice.
Accept cookies Confirm choice Reject cookies