For many organisations, especially micro and small businesses, finding credible, understandable and helpful advice can be challenging. The list below signposts to some of the trusted websites that can help you on your cyber journey.
The National Cyber Security Centre, (NCSC) is a government organisation that helps protect the public and private sectors from cyber threats and incidents. Their website and LinkedIn pages provide a wealth of authoritative information available as text and / or infographics. You can find information on many individual cyber security topics such as phishing, home working and video conferencing. There is also a range of more general guidance such as:
Small Business Guide Quick and easy to understand guidance to help protect small businesses. An actions checklist is also available via the NCSC website.
Small Charities Guide The topics covered in the guidance are easy to understand and the solutions are either free or low cost.
10 steps to cyber security Breaks down information into key components and provides advice on how to achieve good security across each of the elements.
The Cyber Aware website has excellent simple advice written in plain English. Check out the advice about staying secure online during the Covid pandemic.
Action Fraud is the UKs national reporting centre for cybercrime. You also will find plenty of practical advice on its website. If you’re unfortunate enough to be a victim of crime, their website has an area labelled ‘victim resources’ .
Action Fraud covers cyber crime and fraud experienced in England, Wales and Northern Ireland. In Scotland, cyber crime should be reported to Police Scotland.
The Regional Organised Crime Units (ROCUs) are trusted partners of the National Cyber Security Centre who act as Regional points of contact. During the Corona virus crisis, many are providing on line versions of their regional presentations.
Trusted bodies such as banks and solicitors, or, trade bodies such as the local Chamber of Commerce, the Federation of Small Business or sector specific trade bodies often run cyber security seminars, webinars or training for their ‘members’. Check out their newsletters or websites which may provide event details or include useful advice, guidance, hints and tips.
Training courses – To get some good introductory knowledge or to train your staff, check out The Open University’s free courses. They offer a free 8 week online course in Cyber Security ( 24 hours in total). There are a number of training providers of good quality training including Immersive Labs and Bob’s Business.
IASME is the National Cyber Security Centre’s Cyber Essentials Partner. IASME certifies organisations to a number of certifications including IASME Governance and Cyber Essentials/ Cyber Essentials Plus all of which assess organisations against recognised good cyber security practice.
If your company is thinking about, or in the process of, getting certified , help and guidance is available from IASME every step of the way. You can prepare your company for the self-assessment by studying the questionnaire. This allows you to conduct a gap analysis ahead of taking the actual certification(s). You can download the Cyber Essentials and IASME Governance self-assessment questions completely free
Should you require assistance with your applications, IASME has trained and licensed over 200 Certification Bodies who will be able to help you understand the assessment questions, explain how they relate to your business and outline what steps you need to take in order to achieve certification. Our Certification Bodies are based throughout the UK. You can find your nearest certification body via https://iasme.co.uk/certification-bodies/
If you have any initial questions about the certification requirements there is a LinkedIn group run by IASME called, ‘ Cyber Essentials Advice Group ‘. You can post your questions and IASME will give you free advice.
The list of websites and sources of support is intended to be a guide to start you on your cyber journey. It is not an exhaustive list and there will be other credible sources that may carry the information you seek.
Please note, this blog may contain guidance and information that is outdated.
On 24th January 2022, the Cyber Essentials technical requirements were updated in line with current cyber security threats. The self-assessment question set changed from version ‘Beacon’ to version ‘Evendine’. Blogs and articles published before that date, may no longer accurately reflect the Cyber Essentials requirements.