The National Cyber Security Centre (NCSC) has announced the full launch of its Cyber Advisors scheme to help smaller organisations achieve key cybersecurity controls and standards.
The Cyber Scheme are currently the only Accredited Assessment Provider for the scheme, developed and delivered in partnership with IASME.
Cyber Advisor is a targeted consultancy scheme aimed primarily at small organisations. Such organisations often lack in-house expertise or easy access to qualified people who can help them to secure their networks. And, because they often have limited time and funds to invest in security, it can be hard for a small organisation, whether it’s a business, a school or a charity, to know where to focus what resources they do have.
Cyber Advisors will provide cost-effective advice and, where required, hands-on help to implement the five Cyber Essentials Technical Controls. NCSC are calling them Cyber Advisors (Cyber Essentials) to differentiate them from any future Cyber Advisors offering a different ‘specialism’.
Why link Cyber Advisor to Cyber Essentials?
NCSC believe that the Cyber Essentials Technical Controls mitigate the majority of high volume, low-skill attacks perpetrated through the Internet. Therefore, one of the easiest ways to make the UK more secure is to help organisations to implement the Technical Controls at scale across the UK.Under the new scheme those organisations who have a qualified Cyber Advisor on their staff will be able to apply to become an NCSC Assured Service Provider. Only organisations which become Assured Service Providers and employ a qualified Cyber Advisor will be able to offer NCSC assured Cyber Advisor services to customers.
There are approximately 20 companies ready to offer the Cyber Advisor (Cyber Essentials) service in every nation of the UK and in the Channel Islands. The aim is for many hundreds more companies and Advisors to become certified, allowing UK organisations to protect themselves against future threat.
Using a Cyber Advisor
All Cyber Advisors must work for a company which has met the NCSC’s standards and been accepted as an Assured Service Provider.
This means that Cyber Advisors have met the NCSC standard and have passed an assessment. By choosing a Cyber Advisor through one of our Assured Service Providers, businesses can have confidence that they have met the NCSC standard. ASPs will have had to demonstrate a proven track record of delivering high quality customer service and tailored advice to meet an organisation’s particular needs.
Who can join the scheme?
To offer NCSC assured Cyber Advisor services, an organisation will need to become an Assured Service Provider registered with IASME.
They will also need to employ at least one formally assessed Cyber Advisor. Similarly, a Cyber Advisor must have passed the assessment and be employed by an Assured Service Provider before they can offer NCSC assured Cyber Advisor services.
When applying to be an Assured Service Provider, organisations will be expected to meet requirements demonstrating good cyber security and a commitment to achieving an excellent and consistent customer experience. They will also need to have Cyber Essentials certification.
How are Cyber Advisors assessed?
NCSC accredited Cyber Advisors will have to pass an independent assessment outlined here. This measures their:• knowledge and understanding of the Cyber Essentials’ technical controls• competence in providing practical, hands-on support• ability to understand and work with small and medium sized organisations.
The assessment tests the candidates’ knowledge of the Cyber Essentials Standard and the practical skills required to implement any recommendations made to organisations who wish to meet the Standard.
For more information, to book an exam or to contact us with any questions, please click here.