The NCSC Cyber Advisor Scheme


Fresh from the mind of...

Photo of author

Jack Vesey

Managing Director
Jack holds a vast amount of experience in proposition management and development. In his career, he’s led initiatives across acquisition, commercial & governance in the financial services sector.

At bzb IT, he manages the strategic direction of the company.

If you’re a regular follower of our content, or indeed an existing client, you’ll know about the Cyber Essentials Scheme and the importance of every SME being certified to this standard as a minimum. If not, firstly where have you been?! But on a serious note, check out our blog from last year where we dive into the scheme and it’s benefits:

Ok, so understanding the need for certification is the easy bit. SMEs in growing volumes are now turning to certification bodies to carry-out the assessment/audit, BUT there’s a problem. Often these organisations are of National level and focus purely on completing the assessment, providing a pass or fail, and moving on. They don’t hold expertise in advising SMEs how to run their infrastructure to successfully pass the certification; and this is a huge gap.

We exhibited at the International Cyber Expo in September, and the most common challenge we heard from SMEs was being able to achieve a pass for Cyber Essentials. Many frustrated that they had tried multiple times and failed, being charged £1-2k each time. There’s a realisation that although the scheme is a minimum standard, many SMEs are still a long way from being at the standard.

This is where the new NCSC Cyber Advisor Scheme delivered through IASME comes in.

What’s the scheme all about?

To quote IASME, it’s a scheme designed to ‘provide small and medium sized organisations with reliable cyber security advice and practical support’. The NCSC & IASME having identified the difficulty for SMEs to find reliable and appropriate consultants to give trusted advice on the reasonable steps they should take to be in a position for certification.

The scheme examines professionals against an independent assessment that tests their knowledge of technical controls, competence in doing practical IT, and their ability to understand how to work with smaller organisations. To summarise, the scheme provides SMEs with a reliable way to identify individuals that can help them evaluate what they need to do to keep their business secure, in a cost-effective way (as well as passing Cyber Essentials).

Why is it important?

In our opinion the scheme is vitally important to SMEs who need support from a trusted professional to guide their business through effective Cyber Security measures, and ultimately passing Cyber Essentials/Cyber Essentials Plus.

We’d recommend to any SME that they look for qualified Cyber Advisors within the organisation that is completing their Cyber Essential assessment if they know they need support. That way you’ll be given the time and appropriate measures to support your business should it be needed. However, there’s a catch…

What’s the catch?

At this moment in time, it’s extremely rare that an organisation will be a certification body and hold qualified Cyber Advisors. It’s simply unique that a company have the technical skill level to be a certification body, but also the desire/understanding of how to guide an SME through the appropriate security measures to protect their business.  

What does it mean for bzb IT and our clients?

Our technical consultants who lead the strategic management of our partners IT, are now officially qualified by the government backed scheme to consult on the appropriate security measures SMEs should be taking. Our clients know they’re being looked after by the very best, with our wholehearted interest being in keeping them secure (not upselling the latest commercially beneficial product they don’t need).

This, alongside being a Cyber Essentials certification body, puts us in a marketing leading position amongst IT support providers.

What’s next?

Ah, the refreshingly simple part. All you need to do is answer the below questions:

  • Are you about to embark on attempting to pass the Cyber Essential Schemes?
  • Have you failed the certification, and been left with nowhere to turn?
  • Has your current IT provider set you up with an unnecessary third party to ‘get you a pass’ for the Cyber Essential scheme?
  • Concerned at the lack of proactive security advice from your current IT provider?

If any of your answers ring true, why not reach out to us today so we can have a friendly and non-committal talk about how our proposition does it all under one-roof.

Related articles