In the UK, small organizations in high-risk sectors, including charities and legal aid firms, will be offered free cybersecurity assistance from the government through the Funded Cyber Essentials Programme, launched by the National Cyber Security Centre (NCSC) on January 9, 2023.
The initiative, funded by the government and delivered by the Information Assistance for Small and Medium Enterprises (IASME) consortium, will provide eligible organizations with 20 hours of expert support to help them implement the five technical measures needed to gain Cyber Essentials certification, these include firewalls, secure settings, access controls, malware and software updates.
This will be followed by hands-on verification that the measures are in place, with a view to the organization achieving Cyber Essentials Plus, the highest level of certification offered in the UK under the Cyber Essentials scheme.
The offer is currently available to micro or small businesses that offer legal aid services and micro or small charities that process personal data, for example those working in safeguarding such as domestic abuse charities or online chat support services.
These types of orgnaizations are often at greater risk of cyber-attack because of the sensitive information they handle.
“IT security is a big problem for any organization, but when you break out of the FTSE 250 and keep going down the list to groups that are classified as small charities and legal aid firms, IT Security is normally a conversation that might happen once a year,” Paul Baird, Chief Technical Security Officer at Qualys, told Infosecurity.
“These small organizations and charities may never have even heard of Cyber Essentials. They need help, and making these best practices free would help them. Think about what might happen if any of these groups went offline - what would the fallout be to the people they are helping? Would any of these groups be able to recover from an attack? The challenge here is how to help them get the basics right and how this is going to help them defend themselves. The Funded Cyber Essentials programme will help more organizations carry out this kind of work.”