Skip to the content

NCSC plans new approach to Cyber Essentials


Mark Say Managing Editor

Get UKAuthority News


The National Cyber Security Centre (NCSC) is planning to hand over the running of its Cyber Essentials scheme to one of the existing certification organisations from next spring.

It has appointed the IASME Consortium from a tender process to take on the role under a five-year contract beginning in April 2020.

Cyber Essentials is the NCSC’s guidance and certification process aimed at helping public and private sector organisations guard against the most common cyber threats.

The organisation said that there has been a lack of consistency in the service and an unnecessarily complicated experience for organisations that use it. The appointment of IASME as a partner is aimed at simplifying the operation, providing a more streamlined path and ensuring that all the certification bodies are working to the same standard.

It will involve the introduction of a minimum criteria for certification and assessments, and an expiry date on certificates.

Transition begins

The two organisations have begun to work on a transition plan and IASME is contacting certification bodies to update them on what is needed to continue in the role after the change.  

The five accreditation bodies, which appoint the certifying bodies, will continue providing the service until their contracts expire.

IASME chief executive Dr Emma Philpott said: “We have seen such a positive effect already over the last five years where Cyber Essentials has increased the basic levels of security across all sectors.

“We are so pleased that we can be part of the future developments, working closely with the excellent certification bodies, trade bodies, police and other key stakeholders, to ensure further growth of the scheme.”

Image from iStock, matejmo

Register For Alerts

Keep informed - Get the latest news about the use of technology, digital & data for the public good in your inbox from UKAuthority.