Neil starts by giving us a solid understanding of IASME’s pivotal role as the sole delivery partner of the Cyber Essentials scheme on behalf of the National Cyber Security Centre (NCSC). Working in close partnership with the NCSC and the Department for Science, Innovation, and Technology (DSIT), IASME ensures the consistency and credibility of Cyber Essentials across the UK. Neil explains how this collaborative effort aims to improve awareness, adoption, and implementation of essential cybersecurity measures, particularly for MSPs and their clients. 

One of the key points of our discussion is Neil’s emphasis on the necessity of Cyber Essentials. He explains that the scheme is designed to protect businesses against the most common cyber threats, offering a prescriptive approach to cybersecurity. Unlike other standards, Cyber Essentials doesn’t simply recommend best practices—it mandates them. Neil stresses that MSPs, as custodians of their clients’ IT systems, must lead the charge in implementing these essential controls. From patch management to MFA (multi-factor authentication), Cyber Essentials lays out straightforward measures that every organisation, regardless of size, can adopt. 

Neil provides context about why some MSPs are still hesitant to embrace Cyber Essentials. He attributes it to a lack of education and regulation within the industry. Despite being targeted by cybercriminals due to the vast number of endpoints they manage, many MSPs either underestimate the risks or delay action until after an incident. Neil calls on MSPs to take proactive steps by embedding Cyber Essentials into their service offerings, not only to secure their clients but also to stand out in an increasingly competitive marketplace. 

We also explore the three tiers of accreditation offered by IASME: Cyber Essentials, Cyber Essentials Plus, and the IASME Cyber Advisor certification. Neil elaborates on the differences, highlighting how Cyber Essentials focuses on a self-assessment validated by a trained assessor, while Cyber Essentials Plus involves an external audit of a business’s IT systems. For those looking to further establish credibility, the IASME Cyber Advisor certification is an excellent option. Advisors are trained to provide implementation guidance and help businesses achieve compliance. This certification represents a golden opportunity for MSPs to differentiate themselves and gain the trust of potential clients. 

Neil’s passion for education is evident throughout our conversation. He believes Cyber Essentials is not just a sales tool but a vital framework for educating businesses about cybersecurity. Whether it’s a sole trader or a multinational corporation, adopting Cyber Essentials means laying a solid foundation for cybersecurity and safeguarding against the ever-present threat of cyberattacks. He challenges MSPs to embrace their role as educators and advisors, helping clients understand the importance of these controls and encouraging adoption. 

In terms of what’s next, Neil shares exciting updates about upcoming changes to Cyber Essentials. Starting in April, IASME will introduce a new set of requirements, codenamed "Willow". These updates will reflect the industry’s shift towards passwordless authentication and more robust vulnerability management. Neil highlights the growing role of passkeys, which offer a safer alternative to traditional passwords. This evolution aims to stay ahead of cyber threats while making compliance more accessible and effective for businesses of all sizes. 

As the episode concludes, Neil reinforces the importance of collaboration across the industry to secure the UK against cyber threats. IASME is committed to being approachable and responsive, ensuring MSPs have the support they need to succeed. Whether it’s through their technical guidance team or Neil himself, IASME offers resources to help MSPs navigate the certification process and enhance their cybersecurity offerings. 

With Cyber Essentials growing in adoption year after year, the time has never been better to get involved. Whether you’re considering Cyber Essentials certification, Cyber Essentials Plus, or becoming an IASME Cyber Advisor, this conversation with Neil Furminger will inspire you to take the next step. 

Feel free to contact Neil Furminger through his email at [email protected]  

Connect on LinkedIn HERE with Ian and also with Stuart by clicking this LINK 

And when you’re ready to take the next step in growing your MSP, come and take the Scale with Confidence MSP Mastery Quiz. In just three minutes, you’ll get a 360-degree scan of your MSP and identify the one or two tactics that could help you find more time, engage & align your people and generate more leads. 

OR  

To join our amazing Facebook Group of over 400 MSPs where we are helping you Scale Up with Confidence, then click HERE 

Until next time, look after yourself and I’ll catch up with you soon!