The Cyber Advisor (Cyber Essentials) scheme was launched in April 2023 to offer small and medium sized organisations in the UK and Crown Dependencies a choice of qualified cyber security experts assured by the National Cyber Security Centre (NCSC). Cyber Advisors are able to apply their technical knowledge and provide hands-on support to help an organisation put basic cyber security measures in place and to achieve Cyber Essentials certification. One year on, there are 90 Assured Service Providers for the Cyber Advisor scheme employing 94 Cyber Advisors spread across all regions.
Feedback from customers has been exceptional, with 100% of customers who filled out a customer satisfaction survey, following their engagement with a Cyber Advisor rating the overall service received by their Advisor as excellent or good. 98% rated their courtesy and professionalism as excellent and 100% answered that their Advisor fully understood their business requirements.
Other customer feedback comments include:
“They ensured I understand everything and could not have been more supportive.”
“Fantastic and cost-efficient service from start to finish; I would definitely use it again.”
“Top notch service, nothing to add – just keep at it.”
A real take home message from the scheme so far has been how focused the industry has previously been on large enterprises, often neglecting the needs of SMEs. An important element of the notably tricky Cyber Advisor exam assesses candidates on whether they can understand and communicate with small organisations to give proportionate and sensible cyber security support. The high level of skill needed to be a good cyber security consultant to small organisations is now recognised and the Cyber Advisor scheme has been gratefully received by smaller organisations in a broad range of sectors.
The Funded Cyber Essentials Programme is a three year National Cyber Security Centre programme to help fund micro and small-organisations to protect against many of the most common cyber attacks. Two years ago, the scheme initially targeted legal aid and charity sub-sectors, further broadening a year later to include organisations developing emerging technologies (Artificial Intelligence, semiconductors, Quantum technologies and Engineering Biology). The Funded Programme provides funding and support for small organisations in the specified sectors to gain Cyber Essentials Plus certification. Qualifying organisations receive around 20 hours of remote support with a Cyber Advisor. The time is spent identifying and implementing improvements that are right for the size and needs of the organisation and supporting them in implementing the five Cyber Essentials technical controls. This is followed by a hands-on technical verification that the controls have been put in place.
Organisations that received support from the Funded Programme said:
“The programme provided a focus to our cyber security work including increasing senior management buy-in.”
“It provided us with the focus and support to tackle and improve our cyber security – something that had been on our ‘wish list’ for a number of years.”
“We’ve had to learn so much more about our system and structure; we’re so much better positioned now. I’m actually really keen to learn more and see what other improvements we can make with our new-found knowledge and confidence.”
Assured cyber security professionals
For companies which become Assured Service Providers for the Cyber Advisor Scheme, and for individuals who qualify as Cyber Advisors, the NCSC’s ‘badge’ is a market differentiator; it provides customers with the assurance that those companies and individuals are able to deliver good quality, cost effective and proportionate cyber security advice to small organisations implementing the five Cyber Essentials technical controls.
Our Cyber Advisors say:
“Until the creation of the scheme there was no officially backed government stamp that approves an organisation or individual to give qualified cyber advice to small businesses. I love going into businesses that are struggling to improve their level of cyber security and giving them simple advice and templated policies to implement and seeing a massive improvement.”
Ian Waters, Cyber Advisor, Southern IT
“Being a Cyber Advisor instils trust in our business relationships and we would recommend becoming a Cyber Advisor for those consultants that want to form a lasting, trusted business relationship and our key advice is to become part of your clients’ business rather than just another supplier. We have made some genuine friends taking this approach.”
Chris Keogh-Ly, Cyber Advisor, Guardian Saints
“We wanted to ensure we carried the NCSC Assurance badge to distinguish us from other CBs and competitors. We also wanted to ensure that we weren’t going to be excluded from client tenders or grant applications open to only Cyber Advisors (such as the funded CE work).”
Neil Douglas, Cyber Advisor, Network Roi
Find an NCSC assured Cyber Advisor near you by searching on a register
Find out more about becoming a Cyber Advisor here
The Cyber Scheme (the Cyber Advisor Assessment Provider) have resources to help potential candidates prepare for the assessment here