Funded Cyber Essentials Programme offers some small organisations in high-risk sectors free practical support to help put cyber security controls in place.
- New Funded Cyber Essentials Programme helps small organisations at risk of cyber attack bolster their online defences
- GCHQ’s National Cyber Security Centre offer charities and legal aid firms free support to put protections in place
- Eligible organisations urged to register to help secure sensitive data and protect vulnerable people they support
SMALL charities and legal aid firms are being offered free cyber security assistance from the nation’s leading experts to help them protect the vulnerable people they support.
The National Cyber Security Centre – a part of GCHQ – has launched the new Funded Cyber Essentials Programme, which offers some small organisations in high-risk sectors practical support at no cost to help put baseline cyber security controls in place.
The information held by these organisations can be highly sensitive – for example, data about domestic abuse survivors could be exposed if not properly protected, leaving them vulnerable to their abusers – so strong cyber security is vital.
The NCSC’s initiative, funded by government and delivered by IASME, will see eligible organisations receive 20 hours of expert support to help implement the five technical measures needed to gain Cyber Essentials certification – firewalls, secure settings, access controls, malware and software updates.
The offer is currently available to micro or small businesses that offer legal aid services and micro or small charities that process personal data, for example those working in safeguarding such as domestic abuse charities or online chat support services.
The focus of the programme is to support sectors which are at relatively greater risk of cyber attack because of the sensitive information they handle and because organisations typically have a lower level of cyber maturity.
Sarah Lyons, NCSC Deputy Director for Economy and Society Resilience said:
“Charities and legal aid firms do incredible work supporting vulnerable people when they need it most, and that’s why it is vital they take steps to protect sensitive data.
“The new Funded Cyber Essentials Programme is a great opportunity for small organisations to gain free assistance with putting key cyber security protections in place.
“I strongly encourage organisations to register so they can boost their cyber resilience and help reduce the chances of falling victim to a potentially damaging cyber attack.”
Dr Emma Philpott MBE, CEO of the IASME Consortium which delivers the programme for government, said:
“The Funded Cyber Essentials programme is aimed at some of the smallest and most vulnerable organisations in the UK. It is designed to encourage and support them to implement the minimum cyber security technical controls.
“Through the programme, IASME’s network of cyber security experts are able to use their skills to help those who need support most. The programme aims to protect small charities and legal aid firms, and the sensitive data they hold, from common internet threats.”
Cyber Essentials is a government-backed certification scheme which helps organisations of all sizes guard against online threats and demonstrate a commitment to cyber security to customers, service users and stakeholders. More than 31,000 Cyber Essentials and Cyber Essentials Plus certificates were issued in 2022.
As part of the new programme, eligible organisations will receive free support from a Cyber Essentials assessor to help implement the technical controls. This will be followed by hands-on verification that the measures are in place, with a view to the organisation achieving Cyber Essentials Plus.
More information about the funded programme and eligibility criteria can be found on the NCSC website. Eligible organisations can register their interest via the IASME website.
Case study
Hear from one CEO about how her charity supporting victims of domestic abuse has benefited from Cyber Essentials Plus certification.
Original press release posted by the National Cyber Security Centre