FPT achieves dual Cyber Essentials certifications, advancing security compliance for enterprises

FPT has obtained both Cyber Essentials (CE) and Cyber Essentials Plus (CE+) certifications, UK government-backed cybersecurity standards that verify an organisation’s defences against the most common cyber threats. The achievement reflects FPT’s capabilities and readiness to maintain high levels of digital security, meeting evolving expectations of global customers.

The CE scheme, established by the UK’s National Cyber Security Centre (NCSC), comprises two certification tiers designed to help organisations protect against common cyber attacks. The foundational CE certification is awarded through a verified self-assessment, confirming the implementation of five core security controls, including firewalls, secure configuration, user access control, malware protection, and security update management. Meanwhile, CE+ is the higher tier of the scheme, requiring independent technical testing to verify that core security controls are functioning through common real‑world attack testing scenarios. The assessment involves a hands-on audit of systems and devices, including vulnerability scanning, malware defence testing, and authentication checks. With these requirements, both certifications provide assurance that key security measures are implemented effectively to support secure and well-governed IT operations.

As cyber threats grow in scale and sophistication, FPT has strengthened its security practices to meet increasingly stringent compliance requirements in regulated markets such as the UK. To attain both certifications, the company underwent a rigorous independent assessment, where end-user devices across multiple operating systems were randomly selected for testing to validate the effective implementation of security controls. FPT also enhanced its patch management processes, ensuring timely updates and consistent enforcement across its environment. For clients, this demonstrates FPT’s security controls are consistently maintained in day-to-day operations, helping reduce risk and adapt to emerging threats, shifting attack techniques, and the evolving demands of modern IT environments.

“Cyber threats today move faster and hit harder than ever, as AI is lowering the barrier for attackers while raising the stakes for every organisation we work with. With more than 30,000 AI-augmented engineers and over 300 certified cybersecurity professionals, our clients can draw on our full cybersecurity spectrum — from offensive testing and threat detection to AI security and cloud defense,” said Mark Scrivens, CEO of FPT Great Britain.

The CE and CE+ certifications build on FPT’s end-to-end security capabilities across global markets, including offensive security, cyber defense, digital risk management, and cloud and AI security. Alongside its AWS Partner status and CREST accreditation, the company is also a member of the Microsoft Intelligent Security Association, reinforcing its alignment with globally recognized security standards and industry best practices. Through delivering more than 300 security engagements annually, FPT continues to strengthen its ability to address increasingly complex cyber threats, enabling organisations to build resilient, scalable, and compliant systems that sustain trust in modern, cloud-first and AI-driven environments.