New British Cyber Advisor Scheme

Uploaded on 2022-08-03 in TECHNOLOGY--Resilience, GOVERNMENT-National, FREE TO VIEW

Britain's National Cyber Security Centre (NCSC) is offering a new Cyber Advisor service. The initial 100 Cyber Advisor assessments will be funded by the NCSC. To begin with, the NCSC is inviting participants to take part in 100 free assessments which will be used to test and develop the scheme, due to be fully launched in the first quarter of 2023. Once live, individuals will be able to apply to become a Cyber Advisor for a fee.

The scheme is intended to extend the NCSC’s reach to offer a trusted source of cyber security advice to a wider range of organisations. 

This will include the ability to recommend independently assured organisations that can help their customers implement a baseline level of cyber security, creating a trusted ecosystem that allows consumers to know better who to engage and what to expect. 

A Cyber Advisor will be an individual assessed by the NCSC as having a good understanding of baseline security controls and the ability to provide practical help to companies who want to achieve them.

Qualified Cyber Advisors will initially focus on helping their customers meet Cyber Essentials 5 technical controls, firewalls, secure settings, access controls, malware and software updates, by identifying and helping implement improvements that are right for the size and needs of their customer. A company engaging the help of a Cyber Advisor doesn’t need to be aiming for Cyber Essentials certification; those controls are being used as a baseline as they help guard against the most common cyber attacks. 

Under the new scheme those organisations who have a qualified Cyber Advisor on their staff will be able to apply to become an NCSC Assured Service Provider. 

Only organisations who become Assured Service Providers and employ a qualified Cyber Advisor will be able to offer NCSC Cyber Advisor services to customers.

Initial Cyber Advisor Assessments

The NCSC will initially be fully funding the initial 100 Cyber Advisor assessments. Individual applicants, with differing levels of experience and skills, and from diverse backgrounds across the UK, will be selected to test. 
Those individuals who complete a free assessment will be asked for feedback and to provide data to help the NCSC develop the Cyber Advisor scheme further and ensure that Cyber Advisors can offer the required knowledge and skill set.   

Cyber Advisors will be expected to help organisations by:

  • Conducting Cyber Essentials gap analysis to assess the organisations Internet-facing IT identifying where it fails to meet the Cyber Essentials controls.
  • Developing reports on the status of the organisation’s Cyber Essentials controls for senior leadership, detailing the requirements that are met and those that are not, describing why controls are not met and the risks the organisation is exposed to, as well as the recommended actions to take.
  • Working with the business to agree remediation activities.
  • Planning remediation activities that align to the risk and business priorities.
  •  Implementing remediation activities – or guide technical teams to do so – sympathetically to operational activities.
  • Developing and presenting post-engagement reports summarising the engagement and detailing any remediation work completed, pointing out any residual risk with recommendations for reducing those risks.

Cyber security professionals who think you have the required knowledge and skill set can  apply by contacting the scheme’s delivery partner, IASME. Anyone who passes the assessment but who is not employed by an Assured Service Provider will not be eligible to offer Cyber Advisor services.

Cyber Advisor Assured Service Providers

To be eligible to offer Cyber Advisor services under the scheme organisations will need to become an Assured Service Provider registered with IASME and employ at least one formally assessed Cyber Advisor. An organisation applying to be an Assured Service Provider will be expected to meet requirements demonstrating good cyber security and a commitment to achieving an excellent and consistent customer experience through a quality management system. An annual subscription fee will be levied.

To register your interest in participating in the scheme Proof of Concept and to apply for one of the fully-funded Cyber Advisor assessment places, please complete the application form which can be found on the IASME website.

NCSC:       IASME:     CSO Online:     Cyber News Group:     Computer Weekly

You Might Also Read: 

Flunking Cyber Education:

 

« How to Prepare Your Security Team For The Future Of Vulnerability Management
Perimeter 81 / Zero Trust Network Access Guide »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Wall Street Technology Association (WSTA)

Wall Street Technology Association (WSTA)

The Wall Street Technology Association (WSTA) provides financial industry technology professionals with forums to learn from and connect with each other.

CipherPoint Software

CipherPoint Software

CipherPoint Software provides data-centric auditing and protection solutions for securing unstructured information

Wayra UK

Wayra UK

Wayra UK, part of Telefónica Open Future, has been chosen to run a new cyber accelerator facility to help UK start-ups grow and take the lead in producing the next generation of cyber security systems

Redshift Consulting

Redshift Consulting

Redshift is an information management and information security consulting company offering a full range of services from infrastructure design to security assessments and network monitoring.

SmartCyber

SmartCyber

SmartCyber is a company specializing in custom IT projects and Cybersecurity.

Celerium

Celerium

Celerium transforms cyber defense for both companies and industry sectors by leveraging cyber threat intelligence to defend against cyber threats and attacks.

Tech Nation

Tech Nation

Tech Nation is the UK’s first national scaleup programme for the cyber security sector, aimed at ambitious tech companies ready for growth, at home and abroad.

Diateam

Diateam

Diateam is an R&D company specializing in computer security. Diateam develops highly innovative cyber range platforms and Industry-leading systems for cybersecurity training and testing labs.

SecondWrite

SecondWrite

SecondWrite’s next-generation malware detection engine delivers a combination of automatic deep code inspection and accurate scoring of zero-day malware.

Alias Robotics

Alias Robotics

Alias Robotics is a robot cyber security company. We deliver cyber security solutions for robots and robot components.

X Technologies

X Technologies

X Technologies provide world-class engineering, information technology, information security, program management and repair services to Federal, State and commercial customers.

TransUnion

TransUnion

TransUnion is a global information and insights company that makes it possible for businesses and consumers to transact with confidence.

Luxembourg House of Financial Technology (LHoFT)

Luxembourg House of Financial Technology (LHoFT)

Offering start-up incubation, co-working spaces including a soft-landing platform, the LHoFT connects and creates value for the entire Luxembourg FinTech ecosystem.

Third Point Ventures

Third Point Ventures

Third Point brings deep technical expertise, a strong network of relationships, and decades of investing experience to add value to our partners throughout their journey from idea to IPO and beyond.

Pixee

Pixee

Pixee fixes vulnerabilities, hardens code, squashes bugs, and gives engineers more time to focus on the work that counts.

Rakuten Maritime

Rakuten Maritime

Rakuten Maritime is your trusted partner in maritime cybersecurity, offering comprehensive and proactive solutions tailored to every stage of a ship’s life cycle.