top of page

NCSC & IASME re-open applications of the Funded Cyber Essentials Programme

The NCSC have announced that they are re-opening applications for the Funded Cyber Essentials Programme to small organisations in the legal and charities sector that meet certain criteria.



NCSC Funded Cyber Essentials Programme – Charities supporting vulnerable people



The NCSC’s focus is on supporting small organisations who have a low level of cyber maturity, and work with data that is sensitive and of significant impact if disrupted. The programme will offer Cyber Essentials Plus to specific sectors that are at high risk of cyber attack, for no cost.


Criteria:


To qualify for this scheme, companies must be registered in the UK and be;


A micro or small charity (1 to 49 employees) that has a core charitable purpose of supporting vulnerable people; including victims of abuse, support to mental health or the elderly.


or


Holds sensitive personal information (such as health information) about vulnerable people

AND meet the following criteria:


  • has not previously participated in the NCSC Funded Cyber Essentials Programme

  • does not currently hold Cyber Essentials Plus (CE+) certification

  • has not been awarded CE+ certification since January 2023 and is not currently in the process of applying for CE+ certification

How does it work?


The Funded Cyber Essentials Programme will seek to help UK organisations meet Cyber Essentials’ five technical controls – firewalls, secure settings, access controls, malware and software updates – by identifying and implementing improvements that are right for the size and needs of the organisation.


Those that meet the criteria and are eligible for this programme will receive hands-on support from a Cyber Advisor at no cost. However, any additional software or hardware identified by the Assessor that is required to achieve Cyber Essential Plus will not be paid for by the NCSC or their delivery partner, IASME.


Qualifying organisations will receive around 20 hours of remote support with a Cyber Essentials Cyber Advisor. This time will be spent supporting an organisation in implementing the 5 Cyber Essentials Technical Controls, followed by a hands-on technical verification that the controls have been put in place.


Working with IASME, organisations will receive a set amount of hands-on support from a cyber security expert to review technical controls and make configuration changes to the organisation’s systems as needed.


Charities can apply via the form on the IASME website.



NCSC Funded Cyber Essentials Programme - Legal Aid Firms


NCSC is re-opening applications for the The Funded Cyber Essentials Programme to law firms that are contracted to provide legal aid services. The NCSC’s focus is on supporting small organisations who have a low level of cyber maturity, and work with data that is sensitive and of significant impact if disrupted.


The programme will offer Cyber Essentials Plus to specific sectors that are at high risk of cyber attack, for no cost.


Criteria:


To qualify for this scheme, companies must be registered in the UK and be;


A micro or small business (1 to 49 employees) that offers legal-aid services.


AND meet the following criteria:


  • has not previously participated in the NCSC Cyber Essentials

  • does not currently hold Cyber Essentials Plus (CE+) certification

  • has not been awarded CE+ certification since January 2023 and is not currently in the process of applying for CE+ certification

How does it work?


The Funded Cyber Essentials Programme will seek to help UK organisations meet Cyber Essentials’ five technical controls – firewalls, secure settings, access controls, malware and software updates – by identifying and implementing improvements that are right for the size and needs of the organisation.


Those that meet the criteria and are eligible for this programme will receive hands-on support from a Cyber Advisor at no cost. However, any additional software or hardware identified by the Assessor that is required to achieve Cyber Essential Plus will not be paid for by the NCSC or their delivery partner, IASME.


Qualifying organisations will receive around 20 hours of remote support with a Cyber Essentials Cyber Advisor. This time will be spent supporting an organisation in implementing the 5 Cyber Essentials Technical Controls, followed by a hands-on technical verification that the controls have been put in place. Working with IASME, organisations will receive a set amount of hands-on support from a cyber security expert to review technical controls and make configuration changes to the organisation’s systems as needed.


Companies can apply via the form on the IASME website.


Please note, applications for both sectors are limited, so eligible organisations who are interested in applying are advised to do so at the earliest opportunity.


 

Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).

 

Comments


The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.

 

EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page