Wednesday 06 Dec 2023 @ 15:25
National Cyber Security Centre
Printable version

NCSC launches Cyber Incident Exercising scheme

New CIE assured providers give organisations support to create structured table-top or live-play cyber incident exercises.

The NCSC is launching a new Cyber Incident Exercising scheme today, giving organisations access to NCSC assured Exercising providers for the first time.

In August, the NCSC announced CREST and IASME as the Delivery Partners for the scheme, to manage the assessment on our behalf, and to onboard the assured exercising service providers.

Now, with a number of Assured Service Providers in place, the scheme is open for business. You can find a list of service providers on the Cyber Incident Exercising scheme page. The new CIE Scheme provides organisations with access to NCSC assured CIE service providers able to create bespoke, structured table-top or live-play cyber incident exercises. It sits alongside the NCSC’s free and easy-to-use Exercise in A Box tool that allows you to test your incident response against a host of generic cyber incident scenarios. Assured Cyber Incident Exercising companies will work alongside, challenge and help organisations to robustly practise their responses in a safe environment.

The scheme assures companies to deliver two types of cyber exercises:

  • Table-Top – discussion-based sessions where participants talk about their roles and responsibilities, activities and key decision points (in line with their organisation’s incident response plan) for a pre-agreed scenario.
  • Live-Play – sessions where participants carry out their roles and responsibilities in close to real time, in response to a controlled feed of information, representing a pre-agreed scenario. Live play exercises are best suited to mature organisations looking for in-depth validation of plans.

The exercises are designed to simulate incidents which have a significant impact on a single client organisation. The scheme does not cover category 1 and category 2 incidents, as defined by the UK cyber incident categorisation system.

Speaking of the new scheme, NCSC Director of Operations Paul Chichester said:

I’ve often said the first time you try out your cyber incident response plan shouldn’t be on the day you are attacked. So, if you do only one thing on a regular basis, incident exercising should be it. That’s why I’m delighted that the NCSC’s Cyber Incident Exercising scheme is now open and buyers can use it to find trusted providers that can help prepare for when the worst happens. Exercising in a safe and supportive environment will allow all the relevant teams and individuals to properly understand their roles and maximise their effectiveness during an incident. In turn this will help to minimise harm and improve the resilience of both individual organisations and the UK as a whole.

Notes

How to find an NCSC Assured Cyber Incident Exercising provider

You can find a list of NCSC Assured Cyber Incident Exercising providers via the scheme’s “Find a Provider” page or the main “Verify suppliers” search on the NCSC website.

Become an Assured Service Provider

If you offer exercising services and are interested in joining the new Cyber Incident Exercising scheme, visit the scheme’s “Information for Service Providers” page, where you can find the CIE scheme standard and details of the fee structure and how to apply on our delivery partners’ websites: CREST and IASME

Working with industry to extend the reach of the NCSC

As the National Technical Authority for cyber security, the NCSC helps define best-practice standards. Through Industry Assurance schemes like the Cyber Incident Exercising scheme, we assess industry services against the NCSC’s standards.

We currently have over 400 companies offering services on behalf of the NCSC.

Channel website: https://www.ncsc.gov.uk/

Original article link: https://www.ncsc.gov.uk/news/ncsc-launches-cyber-incident-exercising-scheme

Share this article

Latest News from
National Cyber Security Centre

Statement on major IT outage

19/07/2024 16:30:00

Following the global IT outage on Friday 19 July, affected organisations should put in place vendor mitigations. The NCSC is also warning about an increase in related phishing.

NCSC Chief Engineer recognised in prestigious Women in Engineering awards

10/07/2024 16:05:00

The NCSC’s Chief Engineer has been named as one of the top 50 Women in Engineering at a prestigious awards ceremony.

National Cyber Security Centre CTO: The tech market isn't working

15/05/2024 14:10:00

Ollie Whitehouse will say in his keynote speech that companies globally know how to build resilient, secure technology, but the market does not incentivise them to do so.

New laws to protect consumers from cyber criminals come into force in the UK

29/04/2024 14:22:00

From today, regulations enforcing consumer protections against hacking and cyber-attacks will take effect, mandating that internet-connected smart devices meet minimum-security standards by law.

NCSC enters new partnership for PDNS delivery

17/04/2024 13:05:00

The National Cyber Security Centre announces new partnership to deliver the Protective Domain Name System (PDNS) service.

UK holds China state-affiliated organisations and individuals responsible for malicious cyber activity

26/03/2024 10:31:00

UK calls out pattern of malicious cyber activity by Chinese state-affiliated organisations and individuals targeting democratic institutions and parliamentarians.

NCSC and partners issue warning about state-sponsored cyber attackers hiding on critical infrastructure networks

08/02/2024 11:05:00

GCHQ’s National Cyber Security Centre and partners share details of how threat actors are using built-in tools to camouflage themselves on victims’ systems.

Business leaders urged to toughen up cyber attack protections

24/01/2024 13:12:00

New guidelines to help directors and business leaders boost their resilience against cyber threats.

Exploitation of vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure

15/01/2024 10:15:00

Organisations are encouraged to take immediate action to mitigate vulnerabilities affecting Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) gateways (CVE-2023-46805 and CVE-2024-21887), and follow the latest vendor advice.