The UK’s National Cyber Security Centre (NCSC) has announced an expansion to its Cyber Incident Response (CIR) scheme in a move that has been welcomed by industry figures.
In a statement on Wednesday, the authority revealed that it plans to introduce a new level of coverage through the scheme, meaning that more companies will be able to provide incident response services to a “wider range and larger number” of organizations across the country.
The move is aimed specifically at providing support for charities, local authorities, smaller public sector organizations, and firms operating outside of critical national infrastructure, the NCSC said.
In its prior setup, the CIR scheme focused on providing incident response services to organizations “running networks of national significance”. This applied to central government departments, critical national infrastructure organizations, and regulated industries.
While this aimed to offer protection to organizations at high risk of targeted attacks by cyber criminals and nation-state-backed groups, many industry stakeholders were excluded from coverage due to their size.
Chris Ensor, deputy director of cyber growth at the NCSC, said the expansion of the CIR will give confidence to a wider range of organizations at risk of cyber attacks.
“Falling victim to a cyber attack is really stressful. Finding someone with the skills and knowledge to help can also be hard, if, like many, you are not familiar with the cyber security world,” he said. “For many years, we have Assured Cyber Incident Response services for organizations targeted by the most sophisticated threat actors.
“I am really pleased that we can now assure a similar service for any organizations affected by criminal threat actors, a service that will be good enough for the majority of incidents that smaller organizations face. The NCSC badge will give confidence that the company they use has the right expertise to help them.”
RELATED RESOURCE
Learn how to use threat intelligence to fight ransomware attacks and how data is used to give you an advantage.
DOWNLOAD FOR FREE
Joseph Carson, chief security scientist and advisory CISO at Delinea, welcomed the move, noting that the expansion of the scheme is a well-needed “refresh”.
“The new update is an important and needed refresh that will provide all organizations with a service that will be relevant for most cyber security incidents, rather than a focus on purely organizations running networks of significance, such as central government, critical national infrastructure, and regulated industries,” he said.
Growing cyber security threats
The move by the NCSC comes against a backdrop of heightened cyber security threats facing businesses across the UK.
Third-sector organizations in particular have become lucrative targets for threat actors in recent years, representing easier prey than their private-sector counterparts, according to the NCSC’s own analysis.
Statistics from the UK government’s data breach report, published in late 2022, found that 30% of UK charities were hit with a cyber attack across the year.
87% of those reported experiencing phishing attempts, while nearly one-quarter (23%) were subjected to ransomware attacks.
-
AI is helping bad bots take over the internetNews Automated bot traffic has surpassed human activity for the first time in a decade, according to Imperva
-
Two years on from its Series B round, Hack the Box is targeting further growthNews Hack the Box has grown significantly in the last two years, and it shows no signs of slowing down
-
Five Eyes cyber agencies issue guidance on edge device vulnerabilitiesNews Cybersecurity agencies including the NCSC and CISA have issued fresh guidance on edge device security.
-
"Thinly spread": Questions raised over UK government’s latest cyber funding schemeThe funding will go towards bolstering cyber skills, though some industry experts have questioned the size of the price tag
-
State-sponsored cyber crime is officially out of controlNews North Korea is the most prolific attacker, but Russia and China account for the most disruptive and tightly-targeted campaigns
-
Modern enterprise cybersecuritywhitepaper Cultivating resilience with reduced detection and response times
-
IDC InfoBrief: How CIOs can achieve the promised benefits of sustainabilitywhitepaper CIOs are facing two conflicting strategic imperatives
-
The NCSC and FBI just issued a major alert over a state-backed hacker group – here’s what you need to knowNews State-affiliated attackers are targeting individuals via spear-phishing techniques, according to the NCSC
-
UK's data protection watchdog deepens cooperation with National Crime AgencyNews The two bodies want to improve the support given to organizations experiencing cyber attacks and ransomware recovery
-
The NCSC wants to know how your business is using honeypots to combat hackersNews The NCSC hopes to encourage the use of cyber deception techniques within the UK, across government and critical national infrastructure
