A Cyber Advisor who does the work with you, not at you.

The NCSC's Cyber Advisor scheme exists so small and medium organisations can get trustworthy, hands-on help implementing the five Cyber Essentials technical controls. Our advisor has passed IASME's independent assessment of exactly that: knowing the controls, implementing them in practice, and working at the scale of a smaller organisation. You get practical help putting real controls in place, from someone whose competence has been checked by the scheme rather than claimed on a website.

Verified
NCSC AssuredCyber Advisor Cyber EssentialsCertification body ISO 27001 & 9001UKAS certified CISSPIn house
Assured Service Provider in association with the National Cyber Security Centre, Cyber Advisor (Cyber Essentials)

Assured by the National Cyber Security Centre.

Dead Simple Computing is an NCSC Assured Service Provider under the Cyber Advisor scheme, and this page describes the exact service that assurance covers. The status is on the record with IASME, so you can verify it before you ever speak to us.

What the assurance covers
Cyber Advisor / 01 · What it is

Hands-on help with the five controls, sized for a smaller organisation.

A Cyber Advisor is not another auditor and not another report. The role, as the NCSC designed it, is practical: someone who can look at your actual systems, tell you plainly where they fall short of the Cyber Essentials controls, and then help you fix them. The scheme assesses advisors on their knowledge of the controls, their implementation competence, and their ability to work with small and medium organisations, because advice that assumes an enterprise IT department is no use to most UK businesses.

01Practical, not paperworkConfiguration changed, controls switched on, and risks closed, not a findings document left on your desk.
02The five CE controlsFirewalls, secure configuration, security update management, user access control, and malware protection.
03Assessed, not self-declaredThe advisor passed IASME's independent assessment and holds a Certificate of Competence in Cyber Essentials Implementation.
04Plain EnglishAdvice pitched at the person responsible for the business, not a security team that does not exist yet.
Cyber Advisor / 02 · What we do

From an honest baseline to controls that actually run.

Use the service end to end, or bring us in where you are stuck. Every engagement stays inside what the assurance actually covers: implementing the Cyber Essentials controls.

01Baseline

Readiness and gap review

A straight look at your systems against the five controls. You get the real starting position and what it will take to close each gap, before you commit to anything.

Gap analysisScopingPrioritised list
02Implement

Controls put in place

We do the work with you: firewall rules, secure configuration, update management, access control, and malware protection, on your actual estate rather than in a template.

Hands-onYour systemsNo disruption
03Evidence

Ready for certification

When the controls are in, you are positioned to certify. As an appointed certification body we know precisely what the assessment expects, and we tell you plainly when you are ready.

Assessment prepCertification pathAnnual renewal
04Advise

Ongoing plain-English advice

Questions between engagements get straight answers. If your requirement is bigger than Cyber Essentials, we say so and point you at the right service instead of stretching this one.

SME-focusedHonest scopeNo jargon
Scoped honestly. The Cyber Advisor assurance covers Cyber Essentials implementation support. Our ISO 27001 consultancy, governance and audit, and incident response are separate services backed by our other credentials.
Cyber Advisor / 03 · Why it matters

Anyone can offer advice. This advice is checked.

Every IT company in the country will happily help you with Cyber Essentials. The Cyber Advisor scheme exists because there was no way to tell which of them actually could. Choosing an assured advisor means the competence behind the advice has been independently assessed by IASME on the NCSC's behalf, and our status as an NCSC Assured Service Provider is on the record for you to check.

AssessedIndependently assessed competence.The advisor passed IASME's assessment of knowledge, practical implementation skill, and fit for smaller organisations.
BackedA certification body behind the advice.The people helping you implement the controls assess organisations against the same standard every day.
VerifiableOn the record.Assured status is verifiable through IASME, so you never have to take our word for it.
FAQ

Common questions

What is an NCSC Cyber Advisor?

A Cyber Advisor is an individual who has passed an independent assessment, run by IASME on the NCSC's behalf, of their ability to give small and medium organisations practical, hands-on help implementing the five Cyber Essentials technical controls. On passing, the advisor receives a Certificate of Competence in Cyber Essentials Implementation. The firm that employs them can then become an NCSC Assured Service Provider.

Do I need a Cyber Advisor to get Cyber Essentials?

No. Plenty of organisations self-assess and certify without help. A Cyber Advisor is for when you want the gaps closed properly rather than worked around, when you do not have in-house IT capacity, or when you want confidence that the person advising you actually knows the standard. If your setup is simple and well maintained, we will tell you that too, and our free Cyber Essentials checker is a sensible place to start.

How is a Cyber Advisor different from a certification body?

They sit on opposite sides of the same standard. A Cyber Advisor helps you implement the controls before assessment. A certification body assesses and certifies organisations against the standard. Dead Simple Computing is both: an NCSC Assured Service Provider under the Cyber Advisor scheme, and an appointed Cyber Essentials certification body. That means the implementation help you get is informed by exactly what the assessment looks for.

What does the Cyber Advisor service cost?

It depends on the size of your estate and how many gaps the readiness review finds, so we quote after that review rather than inventing a number before we have seen anything. The review itself is scoped and priced up front, and every engagement is fixed-price once scoped. Our pricing page explains how we charge across all services.

How do I verify your Cyber Advisor status?

Check IASME's Cyber Advisor pages, which list assured providers, or see our NCSC Assured Service Provider page for what the assurance covers. We would rather you verify it independently, that is the point of the scheme.

Get assured, hands-on help with your controls.

Tell us where you are with Cyber Essentials, whether that is nowhere yet, stuck on a control, or facing a contract deadline. We will set out the path plainly and do the work with you. We reply within one working day, and you will speak to an engineer, not a salesperson.

Reading, Berkshire  /  NCSC Assured Service Provider, Cyber Advisor scheme  /  reply within one working day