Lesson 8.5 — Final malware protection review: coverage, evidence, exceptions and common failures
This lesson closes the Malware Protection module by helping the learner complete a final readiness review across anti-malware software, application allow listing and application sandboxing.
What You'll Be Able to Do
By the end of this lesson, you will be able to:
- complete a final Malware Protection readiness review
- confirm that every in-scope device has a suitable malware protection method
- check whether anti-malware, allow listing or sandboxing evidence is sufficient
- identify unsupported or unmanaged gaps
- review exceptions
Why This Matters
This lesson focuses on coverage across all in-scope devices, evidence quality, exceptions, supplier-managed devices, BYOD, mobile devices, servers and common failures that could weaken a Cyber Essentials submission.
The Core Rule
Malware Protection is ready when the organisation can show that every in-scope device has a suitable, active and evidenced protection method.
The method may be anti-malware software, application allow listing, application sandboxing or a combination.
Copy This
Keep this rule visible:
Do not submit the Malware Protection section until every in-scope device group has a clear protection method and evidence that supports it.
Quick Checklist
Before moving on, make sure you can answer these:
- [ ] What is the final Malware Protection question?
- [ ] Why is a product name not enough evidence?
- [ ] What should anti-malware evidence show?
- [ ] What should allow listing evidence show?
- [ ] What should sandboxing evidence show?
Your Action
Do this now — it takes 10–20 minutes.
Review your malware protection evidence. Do you have proof of coverage for every device type in scope? Note any gaps.
Key Takeaway
Do not submit the Malware Protection section until every in-scope device group has a clear protection method and evidence that supports it.
Your Workbook Activity
Complete: Final malware protection readiness review record
Next Lesson
In the next lesson: Security update management: supported software, vulnerabilities and the 14-day rule