• United States



UK Editor

NCSC offers small UK businesses free cybersecurity support

Jan 09, 20233 mins

Micro/small UK legal aid services and charities can now apply to the Funded Cyber Essentials Programme for free certification to help them put baseline cybersecurity controls in place.

Cybersecurity  >  Internet security threats
Credit: Metamorworks / Getty Images

The UK’s National Cyber Security Centre (NCSC) is offering some small organisations in high-risk sectors free practical support to help them put essential, baseline cybersecurity controls in place. Small charities and legal aid firms are invited to take part in the Funded Cyber Essentials Programme, which extends cybersecurity assistance from leading experts to help them protect the vulnerable people they support, free of charge.

The initiative will see eligible organisations receive 20 hours of support to help implement the five technical measures needed to gain Cyber Essentials certification, a government-backed scheme that helps UK companies guard against online threats and demonstrate a commitment to cyber security to customers, service users and stakeholders. The scheme will guide businesses through five key areas of cybersecurity – firewalls, secure settings, access controls, malware, and software updates – without the typical pricing structure for micro/small organisations of £300 and £400 + VAT, respectively.

Funded Cyber Essentials Programme for sectors at greater risk of cyberattack

In a post, the NCSC wrote that the aim of the Funded Cyber Essentials Programme, delivered by the IASME Consortium, is to support sectors which are at relatively greater risk of cyberattack because of the sensitive information they handle and because organisations typically have a lower level of cyber maturity. “The NCSC’s focus is on supporting small organisations that have a low level of cyber maturity, and work with data that is sensitive and would have significant impact if disrupted. The programme will offer Cyber Essentials Plus to specific sectors that are at high risk of cyberattack, at no cost,” the NCSC stated. To qualify for the scheme, an organisation must either be:

  • A micro or small business (one to 49 employees) that offers legal aid services.
  • A micro or small charity that processes personal data, as defined under GDPR.

Sarah Lyons, NCSC deputy director for economy and society resilience, stated that charities and legal aid firms do incredible work supporting vulnerable people when they need it most, and that’s why it is vital they take steps to protect sensitive data. “The new Funded Cyber Essentials Programme is a great opportunity for small organisations to gain free assistance with putting key cyber security protections in place. I strongly encourage organisations to register so they can boost their cyber resilience and help reduce the chances of falling victim to a potentially damaging cyberattack.”

Launched in 2014, the Cyber Essentials scheme has helped organisations of varying size and from diverse sectors defend against cyberattacks and secure new business. More than 31,000 Cyber Essentials and Cyber Essentials Plus certificates were issued in 2022, according to the NCSC.

UK Editor

Michael Hill is the UK editor of CSO Online. He has spent the past 8 years covering various aspects of the cybersecurity industry, with particular interest in the ever-evolving role of the human-related elements of information security. A keen storyteller with a passion for the publishing process, he enjoys working creatively to produce media that has the biggest possible impact on the audience.

More from this author