What does The Cyber Scheme do? What are your core values?
Established in 2013, The Cyber Scheme is at the forefront of the security testing industry in the UK. We examine and accredit hundreds of testers each year under NCSC’s (National Cyber Security Centre) CHECK scheme.
What is the CHECK scheme?
CHECK is the term for the NCSC approved penetration test companies and the methodology used to conduct a penetration test. Companies providing CHECK services do so using staff who hold NCSC approved qualifications and have suitable experience. Penetration tests are conducted using NCSC recognised methods and the subsequent report and recommendations are produced to a recognised standard.
The NCSC and The Cyber Scheme work in collaboration to provide a set of examinations that are acceptable to industry and meet the requirements of private and public sectors. The NCSC now requires all existing and future CHECK Team Leaders and Members to have passed an approved professional examination designed to test for a basic grounding in the discipline.
What else does The Cyber Scheme specialise in?
Last year The Cyber Scheme created an innovative sponsorship community of CHECK certified companies, testing practitioners and organisations committed to improving standards and increasing professionalism within our industry. We provide an objective, supportive opinion on behalf of our sponsors when legislating for change with official bodies including The UK Cyber Security Council, NCSC and CiiSEC. We are involved in the creation of new standards, pilot schemes and regulatory initiatives which are shaping the future of the cyber security industry.
We have also recently instigated a training and mentoring programme, initially for our CHECK community, though this is being expanded to include entry level training. At our practitioner level we run 5 day in-person training courses with expert assessors who aim to support attendees through whichever exams they wish to take to further their career, including our own CSTM CHECK exams. For specialists at the top of their career we also offer advanced mentoring sessions, aiming to help them fill knowledge gaps.
What makes you unique?
Being one of only two companies in the UK accredited by NCSC to carry out exams for the CHECK scheme, we have fostered amazing relationships with CHECK companies and the wider pen testing community. Our understanding of their organisational challenges, recruitment and retention issues, and commercial needs combined with our close relationship with industry bodies which regulate this industry means we are in a unique position to offer and receive objective advice, feedback and support – we describe ourselves as an impartial voice for the security testing community. Through training and assessing the ‘best in the business’ we also have a thorough and up to date knowledge of innovations and challenges faced within this ever changing environment, and are ideally placed to help create new standards to meet the needs of businesses as they seek to protect themselves from evolving cyber attack.
Are there any recent developments in your industry?
We have recently been involved in the development and launch of the Cyber Advisor (Cyber Essentials) scheme. This has been established by the NCSC and implemented by The IASME Consortium to provide small and medium sized organisations with reliable and cost effective cyber security advice and practical support. The aim is improve the cyber security of small organisations and reduce the likelihood of the most commonly experienced cyber attacks. The Cyber Advisor scheme gives buyers the confidence that their chosen service provider is offering cyber security advice to an NCSC approved standard. All Cyber Advisors must work for a company which has met the NCSC’s standards and been accepted as an Assured Service Provider.
The Cyber Scheme developed the syllabus and exam and ran a successful pilot in conjunction with IASME at the beginning of this year, and the scheme is now fully operational having been launched at CyberUK in Belfast in April.
The Cyber Scheme is currently the sole assessment provider for the scheme and are now running exams from our centre in Cheltenham, which will roll out nationally as the scheme expands.
This development is in reaction to addressing the largely unregulated landscape of cyber advice consultancies, and dovetails with The Cyber Scheme’s intention of supporting increased regulation within the cyber security industry, to protect both buying and selling communities.
How do you plan to innovate within your industry in the next 5 years? Are there any specific or more general goals that you have set for your company that you would like to share?
We all know there is a skills/recruitment gap in cyber which only seems to get worse year on year despite many efforts to establish training, career development and entry level pathways. There is a definable gap between those leaving education, and attempting to enter the workforce.
Our main goal is to increase the employable ‘oven ready’ talent pool entering the security testing industry by simplifying and de-mystifying career pathways. In late 2023 we are launching The Cyber Challenge, a Charitable Trust which will provide education, training, resources, mentoring, assessment, and exposure to the real world of cyber security for adults from non-academic and diverse backgrounds. We will provide an official route into a career in cyber security by partnering with industry bodies including NCSC, The UK Cyber Security Council, IASME and CiiSEC for support, endorsement, knowledge sharing and career development resources.
Industry partnerships will also enable the Challenge to have access to sponsorship from enterprises working within industry, ensuring that the cyber security industry plays an active and engaged role in developing future talent using ‘best in show’ training and assessments.
We are also involved in several pilot schemes addressing areas of growing need within the industry as it evolves, including the creation of IoT and Incident Response standards and assessments.
What’s the secret to your growth over the last 18 months?
We have created the best team to drive innovation, from technical and strategic experts to marketing, sales and operations specialists. Our sector experts have many years’ combined knowledge and experience, and are able to identify gaps in the market where innovation can solve problems. We have developed close relationships with everyone in the same industry with similar goals. Our aim is to work collaboratively, not in silos.
For any information about our exams, training or growth initiatives please contact us.