NCSC Cyber Incident Exercising scheme looks to fine-tune incident response
The NCSC Cyber Incident Exercising scheme will offer bespoke, structured table-top or live-play cyber incident exercises


The National Cyber Security Centre (NCSC) has launched its new Cyber Incident Exercising scheme, with the aim of helping organizations to carry out cyber incident response exercises.
First announced in August 2023, the scheme has cyber security not-for-profit CREST and certification organization IASME as its delivery partners, managing assessments and bringing the assured exercising service providers on board.
"In some respects, there is no difference between our delivery partners – both will adhere to the NCSC’s strict standards for assessing technical and organizational capability," said Catherine H, NCSC's head of assured professional services schemes, industry assurance.
"However, the model each is using for the processes of onboarding, ongoing management and off-boarding of suppliers is different. Having two delivery partners means potential providers have two routes to apply for membership of the CIR Level 2 scheme and can choose whichever is best for their business."
Inside the NCSC Cyber Incident Exercising scheme
The NCSC Cyber Incident Exercising scheme gives organizations access to approved service providers that will create bespoke, structured table-top or live-play cyber incident exercises.
It's designed to complement the NCSC’s free Exercise in a Box tool, which allows organizations to test their incident response against a host of generic cyber incident scenarios.
"I’ve often said the first time you try out your cyber incident response plan shouldn’t be on the day you are attacked. So, if you do only one thing on a regular basis, incident exercising should be it," said NCSC director of operations Paul Chichester.
"Exercising in a safe and supportive environment will allow all the relevant teams and individuals to properly understand their roles and maximize their effectiveness during an incident. In turn this will help to minimize harm and improve the resilience of both individual organizations and the UK as a whole."
However, the scheme doesn't cover category 1 and category 2 incidents, as defined by the UK cyber incident categorization system.
Category 1 incidents are national cyber emergencies causing sustained disruption to the UK’s public services or affecting national security, and leading to severe economic and social impacts or deaths.
Meanwhile, Category 2 incidents are those with a 'serious impact' on central government, essential public services, a large proportion of the population, or the economy. In both these cases, there would be a coordinated government response.
Instead, the scheme is designed to simulate incidents that have a significant impact on a single client organization.
According to IASME, the scheme is primarily aimed at private sector organizations, charities, local authorities, and smaller public sector organizations which operate in the UK.
Companies can access services through a portal of approved providers, the NCSC said.
"We are determined that companies of any size can apply to join any of our schemes. We particularly welcome companies located in or serving geographically remote or under-represented areas," the NCSC said.
"Similarly, if your company is working hard to address issues of under-representation in the cyber security workforce, we’d love to see your application."
Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.