Who is eligible for fully funded services?

Cyber PATH services may be delivered to private, public and charitable sector organisations.

Services will only be delivered where an organisation meets the following criteria:

  • The organisation must be a sole trader, micro, small or medium as defined by GOV.UK – Small and Medium-sized Enterprises definition.

    Read GOV.UK Definition

  • UK-domiciled
  • Turnover under £20m (based on IASME Cyber Essentials free insurance requirements)

    Read more about IASME Cyber Insurance

  • The organisation is not part of a larger trust or network with a single IT infrastructure whose size would mean they collectively fall outside of policy e.g. multi-school trust.

Exceptional Circumstances

In certain circumstances we can consider requests of services that fall outside of policy, a discussion must be had with the Head of Cyber PATH who has the final approval and will document their
decision and rationale, and share with the relevant regional CRC.

Where appropriate for wider learning, decisions and rationale may be more widely shared with the network. Regional CRCs will not agree to any delivery on behalf of NCRCG.

Where services are sought by public sector organisations, consideration must be given to whether cyber security measures can and should be delivered by the responsible Government department
rather than Cyber PATH. This may be a decision to be escalated to the Home Office by the Head of Cyber PATH.

Sign up to your Regional CRC

Our services are delivered via the 9 Cyber Resilience Centres located throughout the UK.

The first step to taking advantage of the range of services provided by Cyber PATH is to sign up for membership at your nearest Cyber Resilience Centre. It's FREE to join, and it comes with many benefits that will help to make your business more cyber resilient.

Find your Regional Centre