CiSP and Cyber Essentials

CiSP and Cyber Essentials

What is the Cyber-security Information Sharing Partnership?

The cyber threat does not become a managed organisational risk until it is understood. Good situational awareness is key to managing this risk.

CiSP is a joint industry and government scheme based in the National Cyber Security Centre (NCSC) designed to deliver situational awareness to its members and encourage the sharing of information on cyber risk to enable others to adopt appropriate mitigation.

CiSP is a secure social networking platform that enables its members to receive enriched cyber threat and vulnerability information and exchange information on threats and vulnerabilities as they occur in real time.

Who is CiSP for?

CiSP is funded by the UK Government through the National Cyber Security Programme and is offered as a free service and is primarily aimed at organisations who manage IT networks in the UK.

Scottish Information Sharing Network (SCiNET GROUP)

CiSP has entered into a partnership with the law enforcement to set up regional groups for organisations to share threat and vulnerability information with other organisations in their region. SCiNET has been set up as a community for Scottish Businesses to engage.

CiSP is a tool for every kind of organisation within the UK, regardless of their cyber maturity or location. The regional groups allow organisations with less resource to spend on cyber-security access to threat information and recommended actions for free.

For full details please download our CiSP information guide

For more information on CISP please visit​ alternatively contact Graham Bye, Scottish CiSP Co-ordinator [email protected] 

Cyber Essentials Business Benefits

The Cyber Essentials Scheme is a Government backed baseline standard in cyber security enabling businesses to demonstrate that they both understand and address the cyber risks.

Cyber criminals are after your money, your data, your customers data and your intellectual property. With the EU General Data Privacy Regulation due to take effect in April 2018 holding Cyber Essentials Scheme Certification will go some way to demonstrating that your organisation has taken appropriate steps to prevent data breaches. If you haven’t taken steps to protect yourself, take action now. It’s easy to get good, basic protection in place with Cyber Essentials.

The majority of cyber-attacks exploit basic weaknesses in your IT systems and software. Cyber Essentials shows you how to address those basics and prevent the most common attacks. The scheme is designed by Government to make it easy for you to protect yourself.

Why should I get Cyber Essentials?

Cyber Essentials helps prevent the vast majority of opportunistic cyber-attacks. Even a simple virus or piece of malware could result in loss of company and client data, disrupt your cashflow and take up staff time. An attack could also put off your customers, stop you trading and damage your hard-earned reputation. It could also be reported in the local media. Loss of data could lead to fines or prosecution.

Furthermore, findings from a report published by Lancaster University assessed the Cyber Essentials controls in effectiveness in mitigating cyber- threats.  The report demonstrated that from two-hundred randomly selected SME businesses analysed, the results show that without the Cyber Essentials controls in place none of the attacks were mitigated.  With the Cyber Essential tools in place, more than 99% of the vulnerabilities in the SMEs interviewed were mitigated. 

For full details please download our Cyber Essentials information guide

Fore more information, please visit 

You can read the full report by Lancaster University here Cyber security controls effectiveness: a qualitative assessment of cyber essentials. Lancaster University, 2015.

Trusted Partners in Cyber Security for Business

So what’s this about?

Since the launch of Scotland’s Cyber Resilience Strategy, SBRC, as one of a number of core partners to the delivery of the strategy, have been listening hard to business Cyber Security requirements and also looking ahead to the introduction of basic standards of cyber security.

You may have heard of this activity through the vouchers scheme that Scottish Enterprise supported in helping small businesses to reach the minimum standard of Cyber Essentials.

So what now?

Many companies have talked to us about who they can trust, who to use for cyber security advice and how a business can know if their third party suppliers on managed IT services, are complying themselves with good robust standards.

We are delighted to announce a Trusted Partners scheme through SBRC. This scheme carries the endorsement of our core partners in Police Scotland.

Trusted Partners is the group of companies working in Scotland who have passed the advanced status of being Cyber Essential Certifying Bodies. What does that mean? - Very simply, it means that they can advise companies on achieving that core standard of Cyber Essentials and for larger or more advanced companies, Cyber Essentials Plus.

Over the next few months we will be building awareness of this group and featuring these companies as a core group which we are pleased to promote to help businesses in Scotland.

So for now, here is a list of core cyber security Trusted Partners and the links to their websites:

• 7 Elements Ltd, Linlithgow -
• Aggress Ltd, Prestwick -
• BC Technologies, Dunoon -
• Commissum Associates Ltd, Edinburgh -
• ID Cyber Solutions, Glasgow -
• MTI Technology, Livingston -
• NCC Group, Glasgow and Edinburgh -
• Nethost Legislation, Aberdeen -
• Pentest Ltd, Glasgow & Edinburgh -
• Pulsant, Edinburgh -
• Seric Systems Ltd, Paisley -
• Truststream, Edinburgh -

Client Case Studies

You can view some some client cases studies from businesses who have benefited from Cyber Essentials.  Client Case Studies. 

Contact us

If you require any further information, support or guidance, please contact Graham Bye, Scottish CiSP Co-ordinator [email protected]

Member Log-In

Welcome to the SBRC Members Lounge, login details will be issued to members in due course.

Forgot password?