Free cyber security support for vulnerable organisations

By Ben Carey on 12 January, 2023

Organisations across the region supporting vulnerable members of society are being encouraged to take advantage of a free cyber security package.

The initiative, funded by the National Cyber Security Centre (NCSC) and delivered by the Information Assurance for Small and Medium Enterprises Consortium (IASME), offers a fully-funded Cyber Essentials package to small legal aid services and charities handling personal data.

The programme is designed to offer small organisations (49 employees or less) in high-risk sectors free practical support to help put cyber security controls in place, reducing the risk of cyber attacks and strengthening online defences.

The information held by these organisations can be highly sensitive. For example, data about domestic abuse survivors could be exposed if not properly protected, leaving them vulnerable to their abusers, so strong cyber security is vital.

The NCSC, part of GCHQ, is offering 20 hours of expert support to help implement the five technical measures needed to gain Cyber Essentials certification: firewalls, secure settings, access controls, malware protection and software updates.

This will be followed by hands-on verification that the measures are in place, with a view to the organisation achieving Cyber Essentials Plus certification.

Sarah Lyons, NCSC Deputy Director for Economy and Society Resilience, said, “Charities and legal aid firms do incredible work supporting vulnerable people when they need it most, and that’s why it is vital they take steps to protect sensitive data.

“The new Funded Cyber Essentials Programme is a great opportunity for small organisations to gain free assistance with putting key cyber security protections in place.

“I strongly encourage organisations to register so they can boost their cyber resilience and help reduce the chances of falling victim to a potentially damaging cyber attack.”

Dr Emma Philpott MBE, CEO of IASME, said, “The Funded Cyber Essentials programme is aimed at some of the smallest and most vulnerable organisations in the UK. It is designed to encourage and support them to implement the minimum cyber security technical controls.

“Through the programme, IASME’s network of cyber security experts are able to use their skills to help those who need support most. The programme aims to protect small charities and legal aid firms, and the sensitive data they hold, from common internet threats.”

Cyber Essentials is a Government-backed certification scheme which helps organisations of all sizes guard against online threats and demonstrate a commitment to cyber security to customers, service users and stakeholders. More than 31,000 Cyber Essentials and Cyber Essentials Plus certificates were issued in 2022.

The offer is available until the end of March 2023, subject to demand.

More information about the funded programme and eligibility criteria can be found on the NCSC website. Eligible organisations can register their interest via the IASME website.