It has been a month since the National Cyber Security Centre (NCSC) introduced the Cyber Advisor scheme, aimed at assisting smaller organizations in achieving crucial cybersecurity controls and standards. As we reflect on the scheme’s launch, reception, and lessons learned, it becomes evident how this initiative can benefit stakeholders moving forward.
The primary objective of the Cyber Advisor program is to support small organizations that may lack internal expertise or access to accredited professionals to secure their networks.
Once qualified, Cyber Advisors can offer cost-effective advice and hands-on assistance in implementing the five Cyber Essentials Technical Controls required to obtain Cyber Essentials Plus certification.
Why Connect Cyber Advisor with Cyber Essentials?
The NCSC believes that implementing the Cyber Essentials Technical Controls protects small businesses from the majority of high-volume, low-skill attacks conducted through the internet. Consequently, adopting Cyber Essentials Plus becomes one of the simplest ways to enhance security in the UK and instill confidence in buyers that their businesses are adequately protected.
Under the new scheme, organizations with qualified Cyber Advisors on their staff can provide NCSC-assured Cyber Advisor services to customers. This assurance adds legitimacy to the services provided by Cyber Advisor organizations, distinguishing them from the unregulated landscape of nationwide cyber consultancy services.
The scheme has received positive feedback from those already involved in the Cyber Essentials ecosystem, generating a desire to expand awareness and highlight the scheme’s benefits for cyber consultancies seeking Cyber Advisor status. Moreover, small and medium-sized businesses looking for a reliable source of cyber security advice recognize the endorsement and recognition bestowed by the National Technical Authority NCSC.
Currently, the Cyber Scheme is the sole Accredited Assessment Provider for the program, developed and delivered in partnership with IASME.
After running assessments for a month, the Cyber Scheme has received favorable responses from candidates, primarily Managed Service Providers (MSPs), aspiring to obtain Cyber Advisor status, as well as the assessors involved in the scheme. The aim is to expand assessment provision nationwide, beginning with Belfast and Manchester and eventually encompassing Edinburgh, Cardiff, and London.
Initial feedback from candidates suggests the following:
More emphasis should be placed on providing learning materials with less technical focus.
Additional guidance on the consultancy reporting section of the exam would be beneficial.
The introduction of a query forum would be well-received.
In the coming weeks, the Cyber Scheme plans to implement an advice section on their website and develop webinars and video resources to assist MSPs in deciding whether to participate in the scheme. Additionally, these resources will aid small businesses in making informed procurement decisions.
The following quotes have been provided for editorial use:
Peter Loomes, Lead Cyber Advisor Assessor and Head of Training at The IASME Consortium, shares his thoughts: “Throughout the past couple of months, while assessing candidates for the Cyber Advisor Scheme, I have encountered a diverse range of prospective advisors. It has been intriguing to witness the innovative advice provided by these candidates in response to our scenarios. It demonstrates the existence of genuine talent and a dedicated commitment to supporting small businesses.”
Chris Blunt, Cybersecurity Assessor at Blunt Security, expresses his enthusiasm: “When I first learned about the Cyber Advisor program, I was genuinely excited. It addresses a critical need in the cybersecurity industry. However, I must admit, I was skeptical about how they could capture the essence of what makes a good Cyber Advisor in a 2-3 hour exam. Well, they have succeeded. I didn’t know what to expect, but I left feeling like the exam truly encompassed what I do in my day job. It skillfully combines technical knowledge, non-technical explanations, and even conversations. This gives me confidence that we now have an excellent method to assess the competence of future Cyber Advisors, and I believe the process will effectively filter out those who are not yet ready.”
About The Cyber Scheme: The Cyber Scheme provides the highest standard of government-approved examinations, essential for technical consultants aspiring to attain NCSC CHECK status, Cyber Advisor, and VA+. They also offer training for individuals aiming to enter the Cyber Security industry. Additionally, they strive to support, educate, and recruit a new generation of talent who have traditionally faced barriers to accessing careers in cybersecurity. By addressing the current skills gap, they ensure the development of a robust cyber industry that can protect the UK well into the future.
The post The Government’s Cyber Advisor Program – Assessing Its Impact One Month After Launch first appeared on BusinessMole.