Targeted improvement in cybersecurity with Cert+
All risks at a glance, all options at hand: Cert+ is the translation of the unified security concept. It doesn't matter which hardware or software is used to solve certain tasks - security is vendor-neutral and so is Cert+.
The results and success of the measures are easy to read in the intuitive Cert+ evaluation system.
The three Cert+ levels compared to DIN SPEC 27076
DIN SPEC 27076
Definition of 27 minimum requirements from six subject areas to minimise the most relevant risks. A rigid process for auditing small companies (max. 50 employees) is specified for this purpose.
Cert+ Bronze
Around 80 essential measures in the ‘must have’ category from eleven subject areas for basic protection for SMEs. The ‘Bronze’ Cert+ status fulfils the basics of information security.
Cert+ Silver
If around 20 of the 60 additional measures in the ‘nice to have’ category are fulfilled, a company with the Cert+ Silver level has established a stable security infrastructure.
Cert+ Gold
If almost all of the approx. 180 measures have been fulfilled, a company achieves Cert+ Gold, which corresponds to a comprehensively implemented security concept. At this point, measures (e.g. risk management) for further certification (e.g. ISO/IEC 27001) can be started.
Why do SMEs need their own standard?
Despite the many daily reports and headlines, there is a lack of knowledge and measures relating to information security in the SME sector, as well as in public authorities and medical facilities.
Security concepts, employee training and technical solutions (e.g. UTM firewalls) are sometimes lacking. ‘Nothing will happen to me, I'm a small company’ is unfortunately heard far too often. But this argument is very dangerous, as the Federal Criminal Police Office's (BKA) cybercrime report shows.
These sectors were the focus of cyberattacks:
- Educational institutions
- finance
- healthcare
- IT service providers
- Public administrations and authorities
- Manufacturing industry
- Transport associations and airports
This shows that no one is safe from cyber criminals. The industry association Bitkom e. V. puts the economic damage at 148 billion euros for 2023.
Source: Bundeskriminalamt (Status: 28.02.2025)
Headlines from the media
„Every second SME has no effective security strategies.“ Lexware (2024)
„Cyberattacks: The greatest danger for SMEs“ Cash. (2024)
„Top 10 business risks worldwide in 2024: 1st place cyber incidents“ Allianz (2024)
„SMEs often lack an IT security culture“ industire.de (2024)
„SMEs are poorly prepared for cyber threats“ haufe.de (2023)
„Cyber security is becoming a key competence“ it-business.de (2023)
The Cert+ rolls
Cert+ Auditor
- Responsible for the recorded data records
- Full authorisations in the web app
- Required at least once in the company
Cert+ Engineer
- Supporting activities (especially data entry)
- Restricted authorisations in the web app
Cert+ Expert
- Additional qualification for Cert+ auditors
- Authorisation to prepare expert reports
- Membership in the DGuSV
What does Cert+ do for you as an IT service provider?
As an IT service provider, you know how important it is to offer your customers comprehensive information security solutions. With Securepoint Cert+ you get a comprehensive application option and therefore several benefits for your company. Expand your information security portfolio.
You can offer targeted security consulting based on the knowledge gained from the analysis with Cert+. This consulting supports your customers in developing and implementing customised information security strategies.
Advantages of Securepoint Unified Security Cert+
- Convenient web application: Cert+ is not a complicated work with dozens of forms, but a simple web-based solution.
Expand your product portfolio: Expand your offering with high-quality security consulting.
Acquire new customers and strengthen relationships: Cert+ enables you to acquire new customers and strengthen existing customer relationships.
Increased competitiveness: With certified employees, you position yourself as a competent partner in the field of information security. This gives you a decisive advantage over your competitors.
Increased customer satisfaction: With detailed consultations and audits, you are able to offer customised solutions and respond to the specific security needs of your customers. This leads to greater satisfaction and long-term customer loyalty.
Future-proof investment: With Cert+, you invest in the future of your company and ensure that you meet the growing needs of the market.
Expertise for your employees: From fresh trainees to experienced specialists - everyone learns more about information security and raises the level of expertise within the company.
What Securepoint partners say about Cert+
Ext-Com IT GmbH
Ext-Com IT GmbH has been active in the Cert+ community for many years. In addition to regular customer audits, the company supports the further development of Cert+.
simsystem GmbH
IT security is defined by Unified Security Cert+ on the basis of an independent, certified standard. Cert+ offers system houses and managed service providers a good starting point for addressing new and existing customers.
IT security at all levels
Antivirus for business
Securepoint Antivirus Pro is an extremely lean and effective application that reliably protects endpoints from malware, making it a multiple champion in the "Endpoint Protection" category of the Professional User Rating.
Unified Backup
Securepoint Unified Backup stores your data quickly and reliably in the cloud. The data is encrypted to the highest standards even before it is transferred. Restoring data can be done in the shortest possible time.
Mobile Device Management
Mobile Device Management (MDM) gives companies freedom of movement: smartphones and tablets used at work can be easily managed and secured centrally.