The UK and Ireland branch of multibillion-pound beauty giant L’Oréal is to work with the National Cyber Resilience Centre Group (NCRCG) as a national ambassador, helping promote cyber resilience best practice across the UK’s small and medium enterprise (SME) community, focusing on its huge network of customers who operate small, local beauty and hairdressing salons.
A countrywide collaboration between the Home Office, policing, academia, and end-user partners, the NCRCG was established in 2021 to serve as a “vehicle to lead the charge” to strengthen cyber resilience among British SMEs – which are too often under-educated and under-resourced to pay much heed to cyber security.
At its core sits a network of nine regional cyber resilience centres (CRCs), eight in England and one covering Wales, that deliver “affordable” cyber security advice and services through students from 22 universities participating in an adjacent scheme called Cyber Path – supervised by career experts.
“As time passes, we all become more reliant on technology to drive our businesses forward,” said James O’Hare, cyber security CISO for L’Oréal Northern Europe.
“While large companies like ours invest heavily in tech to enhance our productivity as well as protect our business, it is often much more of a challenge for small and medium sized companies. These include the suppliers we work with and the thousands of hairdressing salons our Professional Products Division partners with.”
Going anywhere nice for your cyber attack?
The wider NCRCG ambassador programme – which includes financial services firms and banks such as Aviva, Mastercard and NatWest, security bodies such as ISC2, and tech firms such as Akamai, HP and Microsoft – serves as a means to join together large businesses with senior law enforcement and government to inform the conversation around resilience and help SMEs reduce the risks to themselves, their supply chains and customer bases.
As such, in its new role, L’Oréal will be working hard to raise awareness of cyber issues within its network of small business customers and suppliers and direct them towards the CRC network where appropriate.
“By raising general awareness and signposting to the valuable resources provided by the National CRC Group, we are helping our partners protect sensitive data, maintain customer trust, and avoid costly disruptions, whilst contributing to closing the national skills gap in cyber security,” said O’Hare.
Alan Greig, interim CEO at NCRCG, added: “We are so pleased and proud that L’Oréal UK & Ireland is joining us as a National Ambassador. Our ambition at NCRCG is to build an ambassador programme that represents a broad range of sectors, ensuring we can benefit from key insights from within these sectors and importantly spread our message of cyber resilience across them.
“Welcoming L’Oréal UK & Ireland on board is a fantastic step forward and provides us with important inroads to SMEs in the beauty and cosmetics space which, like SMEs across all other industries, have the potential to be impacted by cyber crime.”
Small businesses, big impacts
According to the NCRCG’s most recently-published update, covering the first three months of 2025, around 21,500 SMEs have now registered across the network, with around 500 new signups every month – helped along by gentle nudging from its ambassadors.
Of those that register, about 85% are actively engaging with Cyber Path services, and 91% of the NCRCG’s total SME engagement is reported as being with organisations that have less than 50 employees – which the Home Office regards as being the hardest businesses to reach when it comes to cyber security messaging.
Construction business Sir Robert McAlpine, another ambassador organisation, has been delivering a marketing campaign aimed at small traders via its internal supply chain payment system, which directs them to a dedicated NCRCG landing page to prompt them to explore further options. It has also been offering this campaign to other construction companies and organisations working in and around the sector.
At Nationwide, meanwhile, the building society delivered an NCRCG campaign to a group of about 200 SMEs suppliers that it works with, aiming to drive take-up of the National Cyber Security Centre’s (NCSC’s) Cyber Essentials certification among those it does business with.
These core, handpicked suppliers were all encouraged to engage their regional CRC, and Nationwide has been supporting them with IASME-backed funding vouchers to assist in achieving Cyber Essentials certification.