NCSC is launching a Funded Cyber Essentials Programme

Published date:

Small organisations from specific sectors in the UK are being invited to take part in the Funded Cyber Essentials Programme.

All businesses face a threat from cyber attack but some organisations have a particularly increased risk. This might be because they hold sensitive information about the people that they work with, or they are perceived as an easy target by cyber criminals. For those sectors most at risk, the NCSC is launching a Funded Cyber Essentials Programme. This scheme aims to provide vulnerable organisations with help to implement baseline security controls to prevent the most common types of cyber attack.

Who is eligible for support?

To qualify for this scheme, organisations must either be:

  • a micro or small business (1 to 49 employees) that offers legal aid services


  • a micro or small charity (1 to 49 employees, excluding volunteers) that has a core purpose of providing support to victims of domestic abuse

AND meet the following criteria:

  • Has not previously participated in the NCSC Funded Cyber Essentials Programme
  • Does not currently hold Cyber Essentials Plus certification, has not been awarded CE+ certification since May 2022 and is not currently in the process of applying for CE+ certification.

If your organisation meets the above criteria and you would like to apply for the Funded Cyber Essentials Programme please click here.

How does it work?

The programme will offer practical support from an Advisor to achieve Cyber Essentials Plus at no cost to the organisation. Please note, this does not include the cost of any additional software or hardware identified by the Advisor that is required to achieve Cyber Essential Plus.

Qualifying organisations will receive around 20 hours of remote support with an Advisor. This time will be spent identifying and implementing improvements that are right for the size and needs of the organisation and supporting them in implementing the 5 Cyber Essentials technical controls. This will be followed by a hands-on technical verification that the controls have been put in place. 

If it is not possible for the organisation to achieve Cyber Essentials Plus, the Advisor will help organisations implement as many of the technical controls as possible and give the organisation a clear list of the additional actions they need to undertake to become compliant. The scheme is designed to lead an organisation through the technical controls required to achieve Cyber Essentials certification, followed by the audit for Cyber Essentials Plus. No previous cyber security certification or experience is necessary.

What is Cyber Essentials?

Cyber Essentials is an effective, Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber attacks. Cyber Essentials Plus has the same simplicity of approach and the protections you need to put in place are the same, but for Cyber Essentials Plus a hands-on technical verification is carried out.

Cyber Essentials Readiness Tool

The Cyber Essentials Readiness Tool is a free online tool, accessible in the form of a set of questions on the IASME website. The process of working through the questions will tell you about your current level of cyber security and how you need to improve in order to certify to Cyber Essentials. On completion you will be directed towards appropriate guidance and be presented with a tailored action plan and detailed guidance for your next steps towards certification. We recommend that you work through the Readiness Tool as part of the Funded Cyber Essentials Programme, although this is not a requirement for participation.