The National Cyber Security Centre (NCSC) and IASME Consortium have launched a new Industry Assurance scheme called the Cyber Advisor Scheme. The scheme, which was launched at CYBERUK in Belfast, is aimed at helping small and medium-sized enterprises (SMEs) in the UK secure their networks by providing them with cost-effective advice and hands-on help to implement the five Cyber Essentials Technical Controls.
Small organisations often lack in-house expertise or easy access to qualified people who can help them to secure their networks. They also have limited time and funds to invest in security, which makes it hard for them to know where to focus their resources. This is where Cyber Advisors come in. They provide targeted consultancy services to small organisations, whether they are businesses, schools or charities.
The Cyber Advisor Scheme is linked to the Cyber Essentials Technical Controls because they are believed to mitigate the majority of high volume, low-skill attacks perpetrated through the Internet. The scheme is not a way of increasing Cyber Essentials certificate numbers; rather, it is designed to help organisations implement the Technical Controls at scale across the UK.
The Cyber Advisor Scheme is open to companies of any size, with a particular focus on those located in or serving geographically remote or under-represented areas. Companies working hard to address issues of under-representation in the cyber security workforce are also encouraged to join the scheme. More than 20 companies are currently offering the Cyber Advisor (Cyber Essentials) service, with potential for many hundreds more companies and advisors to join the scheme.
Every Cyber Advisor must pass an independent assessment called the Certificate of Competence in Cyber Essentials Implementation. The assessment tests an individual’s knowledge and understanding of the Technical Controls, their competence in doing practical, hands-on IT configuration and support, and their ability to understand and work with small organisations. All Cyber Advisors work for companies that have met the NCSC’s requirements and have been accepted as an Assured Service Provider for the Cyber Advisor service.
The Cyber Advisor Scheme is expected to make a significant impact on the UK’s cyber security landscape, by helping SMEs to secure their networks and mitigate cyber attacks.
More details can be found here.