Cyber Security Tools and Services
The Cyber Action Toolkit
The Cyber Action Toolkit is a free, personalised cyber security solution for sole traders, micro businesses and small organisations that turns cyber protection into simple, achievable steps for your business. Developed by the UK's National Cyber Security Centre (NCSC), it's a free, government-backed service designed for those new to cyber security or lacking large IT budgets.
Active Cyber Defence (ACD)
The ACD programme consists of a number of interventions or real services - each free at the point of use - that perform a particular security service for organisations.
Early Warning Service
In just 5 minutes, sign up to receive email alerts from the NCSC tailored to the cyber threats for your organisation's IP address: NCSC Early Warning - NCSC.GOV.UK and The NCSC's Early Warning Service.
Instant Checks
The NCSC allows individuals and organisations to run instant checks on their cyber security. You don’t need to register to use it, and the checks can be run in seconds.
Exercise in a Box (EIAB)
EIAB is a resource of realistic scenarios that helps organisations practise and refine their response to cyber security incidents in a safe and private environment. Anyone can download and use EIAB.
E-Mail Check
The NCSC has produced a buyer’s guide to choosing the right external attack surface management (EASM) product for your organisation, and the security features you need to consider. You will be able to use the NCSC Web Check and Mail Check services until 31 March 2026.
Cyber Essentials
Cyber Essentials is a UK Government-backed certification scheme that helps keep your organisation’s and your customers’ data safe from cyber attacks. Whatever your size, from micro businesses to large corporations, achieving this certification will guard against the most common cyber attacks. If you have digital assets or store any data, putting the Cyber Essentials controls in place can help you keep it safe: Cyber Essentials - Secure your business.
The National Cyber Security Centre (NCSC) recommends Cyber Essentials as the minimum standard of cyber security for all organisations. Cyber Essentials Plus is a technical audit of your IT systems. The verified self-assessment questionnaire of Cyber Essentials is a prerequisite to Cyber Essentials Plus.
Although based on the same technical requirements, Cyber Essentials Plus includes a technical audit of your IT systems to verify that the controls are in place. In this way, it gives more assurance that you are complying with the scheme. The audit covers a representative set of user devices, all internet gateways, and all servers with services accessible to the internet.
The official delivery partner for Cyber Essentials is IASME who work with a network of more than 300 cyber security organisations across the UK and Crown Dependencies to advise and certify organisations of all sizes.
Cyber Advisors can provide your business with government-approved cyber security advice and help you work towards a Cyber Essentials certificate.
Become a member of the Wales Cyber Resilience Centre
Whether you're a micro-business, SME, or organisation seeking comprehensive cyber protection, the Wales Cyber Resilience Centre has the perfect membership package tailored to your needs.
Validate your cyber systems using cutting-edge cybersecurity laboratories
The Cyber Innovation Hub offers world-class testbed facilities. From scalable digital twins to representative physical manufacturing and connected vehicle systems. If you have a need for a small-scale virtual or physical testbed to build, test and validate device deployment, processes, incident response plans etc. The Cyber Innovation Hub’s cyber engineers can work with you to build this to your specifications.
Training
Cyber Innovation Hub
Cyber Hygiene & Awareness – Taster Course
A short, practical introduction to essential cyber hygiene skills for everyday work and online safety.
Fundamentals of Cyber Hygiene and Awareness
Build foundational cyber security awareness with clear, everyday guidance to protect yourself and your organisation online.
Effective Cyber Hygiene and Awareness
Advance your cyber hygiene knowledge with practical skills for managing threats, vulnerabilities, and third-party risk.
Fundamentals of Cloud Security
Get a practical grounding in cloud security basics, from models and governance to threats, incident response, and trends.
Intermediate Principles of Cloud Security
Advance your cloud security understanding by exploring governance, risk management, technical controls, and real-world incident response.
Fundamentals of Cyber Security by Design
Understand the fundamentals of how cyber security can be embedded into systems from the ground up; strategically, technically, and operationally.
Cyber Resilience for IT Managers
One-day in-person course for IT leaders to align cyber strategy with business goals, protect assets, and build operational resilience.
Cyber Resilience for Directors and Senior Leaders
This course is designed for directors, senior executives, and business leaders who want to strengthen their organisation’s cyber resilience and understand their board-level responsibilities. Participants will be introduced to the Cyber Governance Code of Practice (CoP) and learn how to embed cyber accountability at the highest level of leadership — ensuring that governance, investment, and culture all align to protect what matters most.
Effective Cyber Security by Design
Build on foundational knowledge with advanced skills in design principles, governance, risk, and operational cyber resilience.
Incident Response Foundations
Immersive incident response training where teams face realistic cyber crises, sharpen plans under pressure, and gain the confidence to act fast when it matters most
Incident Response Realistic Simulation
The full-day programme takes resilience further, simulating a live cyber incident tailored to your organisation.
Introduction to OT and CNI
A beginner-friendly course on Operational Technology (OT) fundamentals, Critical National Infrastructure (CNI) sectors, infrastructure components, and programming controllers.
Introduction to OT Cyber Security Risks and Standards
Focused on the essentials of cybersecurity in Operational Technology (OT) and the specific risks faced when securing OT in Critical National Infrastructure (CNI), this module builds on the knowledge from OT100 but can also be taken independently if you already have a working knowledge of OT.
Foundations of OT Cyber Security
A complete introduction to operational technology and its cyber security challenges.
Applied Foundations of OT Cyber Security
Apply OT security principles in a customised, business-focused learning environment.
OT Cyber Security Understanding Attacks, Defence Tactics to Compliance
Deepen your OT security skills with hands-on threat modelling, MITRE ATT&CK ICS mapping, and zero-trust applications.
UK Government
Top Tips for Staff
This online learning module helps you and your staff understand why cyber security is important and shows how to take practical steps to protect against fraud and cyber crime. It’s suitable for staff all small and medium-sized organisations, including businesses, charities and public sector organisations. It’s totally free, easy-to-use and takes less than 30 minutes to complete. There’s more information on the training: Free online cyber security training for small orgs - NCSC.GOV.UK.
Introduction to Cyber Security
This course developed with the Open University and FutureLearn offers a comprehensive introduction to cyber security and how to protect your digital life online. Anyone with an interest can take part. Study is around two hours per week over eight weeks.
Cyber Governance Training
A free package from the National Cyber Security Centre to help boards and directors manage their digital risks.
National Cyber Security Centre
The NCSC has created five interactive training modules aligned with the principles of the Cyber Governance Code of Practice. Developed with insights from industry Non-Executive Directors and government subject matter experts, these modules are designed to meet the needs of Boards. They support Boards and Directors in understanding the principles of the Code and putting its recommended actions into practice, helping to improve their organisation's cyber resilience, without delving into the technical detail.
Cyber Security Companies
This directory, Supplier Finder - Sell2Wales, lists Welsh cyber security companies by name, by services or by products so you can find the help you need.