NCSC expands incident response scheme to support smaller at-risk organizations

The UK’s National Cyber Security Centre (NCSC) has announced an expansion to its Cyber Incident Response (CIR) scheme in a move that has been welcomed by industry figures. 

In a statement on Wednesday, the authority revealed that it plans to introduce a new level of coverage through the scheme, meaning that more companies will be able to provide incident response services to a “wider range and larger number” of organizations across the country. 

The move is aimed specifically at providing support for charities, local authorities, smaller public sector organizations, and firms operating outside of critical national infrastructure, the NCSC said. 

In its prior setup, the CIR scheme focused on providing incident response services to organizations “running networks of national significance”. This applied to central government departments, critical national infrastructure organizations, and regulated industries. 

While this aimed to offer protection to organizations at high risk of targeted attacks by cyber criminals and nation-state-backed groups, many industry stakeholders were excluded from coverage due to their size. 

Chris Ensor, deputy director of cyber growth at the NCSC, said the expansion of the CIR will give confidence to a wider range of organizations at risk of cyber attacks. 

“Falling victim to a cyber attack is really stressful. Finding someone with the skills and knowledge to help can also be hard, if, like many, you are not familiar with the cyber security world,” he said. “For many years, we have Assured Cyber Incident Response services for organizations targeted by the most sophisticated threat actors.

“I am really pleased that we can now assure a similar service for any organizations affected by criminal threat actors, a service that will be good enough for the majority of incidents that smaller organizations face. The NCSC badge will give confidence that the company they use has the right expertise to help them.”

Joseph Carson, chief security scientist and advisory CISO at Delinea, welcomed the move, noting that the expansion of the scheme is a well-needed “refresh”. 

“The new update is an important and needed refresh that will provide all organizations with a service that will be relevant for most cyber security incidents, rather than a focus on purely organizations running networks of significance, such as central government, critical national infrastructure, and regulated industries,” he said. 

Growing cyber security threats

The move by the NCSC comes against a backdrop of heightened cyber security threats facing businesses across the UK. 

Third-sector organizations in particular have become lucrative targets for threat actors in recent years, representing easier prey than their private-sector counterparts, according to the NCSC’s own analysis. 

Statistics from the UK government’s data breach report, published in late 2022, found that 30% of UK charities were hit with a cyber attack across the year. 

87% of those reported experiencing phishing attempts, while nearly one-quarter (23%) were subjected to ransomware attacks.