NCSC Cyber Incident Exercising scheme looks to fine-tune incident response
The NCSC Cyber Incident Exercising scheme will offer bespoke, structured table-top or live-play cyber incident exercises


The National Cyber Security Centre (NCSC) has launched its new Cyber Incident Exercising scheme, with the aim of helping organizations to carry out cyber incident response exercises.
First announced in August 2023, the scheme has cyber security not-for-profit CREST and certification organization IASME as its delivery partners, managing assessments and bringing the assured exercising service providers on board.
"In some respects, there is no difference between our delivery partners – both will adhere to the NCSC’s strict standards for assessing technical and organizational capability," said Catherine H, NCSC's head of assured professional services schemes, industry assurance.
"However, the model each is using for the processes of onboarding, ongoing management and off-boarding of suppliers is different. Having two delivery partners means potential providers have two routes to apply for membership of the CIR Level 2 scheme and can choose whichever is best for their business."
Inside the NCSC Cyber Incident Exercising scheme
The NCSC Cyber Incident Exercising scheme gives organizations access to approved service providers that will create bespoke, structured table-top or live-play cyber incident exercises.
It's designed to complement the NCSC’s free Exercise in a Box tool, which allows organizations to test their incident response against a host of generic cyber incident scenarios.
"I’ve often said the first time you try out your cyber incident response plan shouldn’t be on the day you are attacked. So, if you do only one thing on a regular basis, incident exercising should be it," said NCSC director of operations Paul Chichester.
"Exercising in a safe and supportive environment will allow all the relevant teams and individuals to properly understand their roles and maximize their effectiveness during an incident. In turn this will help to minimize harm and improve the resilience of both individual organizations and the UK as a whole."
However, the scheme doesn't cover category 1 and category 2 incidents, as defined by the UK cyber incident categorization system.
Category 1 incidents are national cyber emergencies causing sustained disruption to the UK’s public services or affecting national security, and leading to severe economic and social impacts or deaths.
Meanwhile, Category 2 incidents are those with a 'serious impact' on central government, essential public services, a large proportion of the population, or the economy. In both these cases, there would be a coordinated government response.
Instead, the scheme is designed to simulate incidents that have a significant impact on a single client organization.
According to IASME, the scheme is primarily aimed at private sector organizations, charities, local authorities, and smaller public sector organizations which operate in the UK.
Companies can access services through a portal of approved providers, the NCSC said.
"We are determined that companies of any size can apply to join any of our schemes. We particularly welcome companies located in or serving geographically remote or under-represented areas," the NCSC said.
"Similarly, if your company is working hard to address issues of under-representation in the cyber security workforce, we’d love to see your application."
Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.