Why Windows 10’s End of Life Matters for Cyber Essentials Plus
Navigating Compliance After Microsoft Ends Support for Windows 10
Microsoft officially ended support for Windows 10 on 14 October 2025, marking a major shift for organisations working toward Cyber Essentials Plus (CE+) certification. Without free security updates or patches, Windows 10 devices now pose a compliance risk – unless covered by Microsoft’s Extended Security Updates (ESU) programme.
For CE+ applicants, this change is more than a technical footnote. It directly affects your certification status. Devices running Windows 10 are no longer considered secure by default. To remain compliant, organisations must upgrade to Windows 11 version 23H2 or newer (ideally 24H2 or 25H2).
If your CE+ audit is scheduled within the 90-day window following your Cyber Essentials certification, any Windows 10 devices must be upgraded or removed from scope before submitting your asset list to the auditor.
“With Windows 10 now out of support, organisations pursuing Cyber Essentials Plus must act quickly. Upgrading to Windows 11 isn’t just best practice – it’s essential for compliance. At CyberLab, we’re here to make that transition smooth, secure, and audit-ready.”
– Ryan Bradbury, CTO at CyberLab
Why It Matters
Auditors will now perform technical verification during CE+ assessments.
If Windows 10 devices are detected:
- They must be excluded from scope.
- Failure to do so could result in audit failure or the need to restart both Cyber Essentials and CE+ assessments.
What You Need to Do Now
To stay secure and compliant, here are your next steps:
- Audit your device inventory: Identify any machines still running Windows 10.
- Upgrade to Windows 11: Preferably version 24H2 or 25H2. Note that 23H2 reaches end of life on 11 November 2025, so plan accordingly.
- Consider ESU: If upgrading isn’t feasible, explore Microsoft’s Extended Security Updates programme.
- Communicate with your auditor: Be transparent about your upgrade plans and ensure your asset list reflects only compliant devices.
This transition is a critical moment for organisations aiming to maintain Cyber Essentials Plus certification. By acting now, you’ll avoid last-minute surprises and ensure your systems meet the latest security standards.
Need help navigating the upgrade or preparing for your CE+ audit? CyberLab’s team is here to support you.
Free Posture Assessment
Understand your security risks and how to fix them.
Take the first step to improving your cyber security posture, looking at ten key areas you and your organisation should focus on, backed by NCSC guidance.
Claim your free 30-minute guided posture assessment with a CyberLab expert.
CyberLab Celebrates Recognition in Top 100 Best Companies 2025
CyberLab Celebrates Three Top 10 Results in Best Companies 2025
🏆 #8 Best Small Company To Work For in the UK
🏆 #10 Best Company to Work For in the North West
🏆 #5 Best Company to Work For in the Technology Sector
CyberLab is proud to celebrate our latest recognition in the prestigious Best Companies™ 2025 rankings!
These outstanding achievements are a testament to the incredible people who make CyberLab what it is. Their passion, creativity, and commitment to building a culture of excellence continue to drive us forward.
A Message from CEO Gavin Wood
“I’m incredibly proud to announce that once again we’ve delivered a fantastic result in this year’s Best Companies survey, and this time we’ve improved on last year’s performance.
What makes this achievement meaningful is the collective effort behind it. From our people helping our customers defend against the evolving cyber security threat landscape, to our leadership team shaping culture and direction, every person has played their part.
Our focus on Simplicity, Passion and Quality continues to pay off. This advance isn’t just a number or a badge. It’s a signal that our commitment to being a great place to work, and a great partner for our customers, is working.
As we grow, evolve and tackle new challenges, maintaining our culture is just as important as hitting targets. A big thank you to the whole team. Let’s build on this momentum and make next year even stronger.”
“I am over the moon to announce our results for Best Companies 2025. These incredible results are a testament to our people, plus their hard work and dedication in making CyberLab a great place to work.”
– Mimi Rostron, People & Culture Manager
At CyberLab, we believe that prioritising the wellbeing of our people is essential to both personal and organisational growth.
In this milestone year, we extend our heartfelt thanks to our incredible team. Their passion and commitment make this recognition possible, and we look forward to building on this success together.
