More about the Cyber Advisor scheme
The new Cyber Advisor (Cyber Essentials) scheme has been developed to provide small and medium sized organisations with reliable and cost effective cyber security advice and practical support.
The focus of that advice and support will be on the implementation of the technical controls set out in Cyber Essentials. This approach will improve the cyber security of small organisations and reduce the likelihood of the most commonly experienced cyber attacks.
Under the new scheme those organisations who have a qualified Cyber Advisor on their staff will be able to apply to become an NCSC Assured Service Provider. Only organisations which become Assured Service Providers and employ a qualified Cyber Advisor will be able to offer NCSC assured Cyber Advisor services to customers.
How does it work?
The Cyber Advisor scheme gives buyers the confidence that their chosen service provider is offering cyber security advice to an NCSC approved standard. All Cyber Advisors must work for a company which has met the NCSC’s standards and been accepted as an Assured Service Provider.
Who is it for?
The Cyber Advisor scheme is for small and medium sized organisations across the UK aiming to improve their basic cyber security and avoid the disruption caused by some of the most common cyber attacks.
How are Cyber Advisors assessed?
NCSC assured Cyber Advisors will have to pass an independent assessment outlined here. This measures their:
- knowledge and understanding of the Cyber Essentials’ technical controls
- competence in providing practical, hands-on support
- ability to understand and work with small and medium sized organisations.
The assessment tests the candidates’ knowledge of the Cyber Essentials Standard and the practical skills required to implement any recommendations made to organisations who wish to meet the Standard.
For more information on the Cyber Advisor scheme, or to view a full list of assured Cyber Advisor providers please visit IASME’s webpage.
FAQs
It can be difficult for small organisations to know who to turn to for reliable cyber security advice. The following information has been provided by the NCSC to help buyers and service providers.
All Cyber Advisors must work for a company which has met the NCSC’s standards and been accepted as an Assured Service Provider.
This means that Cyber Advisors have met the NCSC standard and have passed an assessment. By choosing a Cyber Advisor through one of our Assured Service Providers, you can have confidence that they have met the NCSC standard. They will have had to demonstrate a proven track record of delivering high quality customer service and tailored advice to meet an organisation’s particular needs.
When choosing a provider, a business may wish to consider whether they have the relevant experience in the sectors they operate in, or in the technology that they use.
There is no recommended price for assured Cyber Advisors to charge. Each job will vary dependent upon the size of the organisation and the complexity of their IT.
The Cyber Advisor scheme provides small and medium sized organisations with reliable and cost effective cyber security advice and practical support.
The scheme allows the NCSC to recommend independently assured organisations to consumers, so they can have confidence in buying cyber security advice. For those companies already doing this type of work, the Cyber Advisor scheme aims to recognise competence of advisors under the NCSC Cyber Advisor (Cyber Essentials) scheme.
These advisors will then provide advice and guidance to Micro, Small and Medium (SME) businesses who wish to implement cyber security controls to a level equivalent to Cyber Essentials but do not possess the internal skills to implement them.
The certification of advisors aims to ensure that they provide a consistent level of advice and provide SME businesses with the ability to identify competent advisors.
To offer NCSC assured Cyber Advisor services, your organisation will need to become an Assured Service Provider registered with our scheme delivery partner, IASME.
You will also need to employ at least one formally assessed Cyber Advisor. Similarly, a Cyber Advisor must have passed the assessment and be employed by an Assured Service Provider before they can offer NCSC assured Cyber Advisor services.
Companies of any size can apply to join the scheme and we welcome those located in or serving geographically remote or underrepresented areas.
When applying to be an Assured Service Provider, organisations will be expected to meet requirements demonstrating good cyber security and a commitment to achieving an excellent and consistent customer experience. You will also need to have Cyber Essentials certification.