in Security

NCSC launches Cyber Incident Exercising scheme

Posted 5 December 2023

The NCSC is launching a new Cyber Incident Exercising scheme today, giving organisations access to NCSC assured Exercising providers for the first time.

Image courtesy Shutterstock

In August, the NCSC announced CREST and IASME  as the Delivery Partners for the scheme, to manage the assessment on our behalf and to onboard the assured exercising service providers.

Now, with a number of Assured Service Providers in place, the scheme is open for business. You can find a list of service providers on the Cyber Incident Exercising scheme page. The new CIE Scheme provides organisations with access to NCSC assured CIE service providers able to create bespoke, structured table-top or live-play cyber incident exercises. It sits alongside the NCSC’s free and easy-to-use Exercise in A Box tool that allows you to test your incident response against a host of generic cyber incident scenarios. Assured Cyber Incident Exercising companies will work alongside, challenge and help organisations to robustly practise their responses in a safe environment.

The scheme assures companies to deliver two types of cyber exercises:

  • Table-Top – discussion-based sessions where participants talk about their roles and responsibilities, activities and key decision points (in line with their organisation’s incident response plan) for a pre-agreed scenario.
  • Live-Play – sessions where participants carry out their roles and responsibilities in close to real time, in response to a controlled feed of information, representing a pre-agreed scenario. Live play exercises are best suited to mature organisations looking for in-depth validation of plans.

The exercises are designed to simulate incidents which have a significant impact on a single client organisation. The scheme does not cover category 1 and category 2 incidents, as defined by the UK cyber incident categorisation system .

Speaking of the new scheme, NCSC Director of Operations Paul Chichester said: "I’ve often said the first time you try out your cyber incident response plan shouldn’t be on the day you are attacked. So, if you do only one thing on a regular basis, incident exercising should be it. That’s why I’m delighted that the NCSC’s Cyber Incident Exercising scheme is now open and buyers can use it to find trusted providers that can help prepare for when the worst happens. Exercising in a safe and supportive environment will allow all the relevant teams and individuals to properly understand their roles and maximise their effectiveness during an incident. In turn this will help to minimise harm and improve the resilience of both individual organisations and the UK as a whole."



Other Stories
Latest News

DBS appoints Mike Helme as Managing Director, Defence

David Brown Santasalo (DBS) has appointed Mike Helme as Managing Director, Defence.

Aerobility appoints Al Rosser as Chief Flying Instructor

Aerobility has appointed former Royal Air Force (RAF) pilot Al Rosser as its new Chief Flying Instructor and Service Delivery Director.

EasyJet opening UK base at Birmingham Airport

The UK’s largest airline easyJet is this week celebrating carrying over five million passengers to and from Birmingham Airport, ahead of opening a new base there next month.

Luke Farajallah appointed CEO of Loganair

Luke Farajallah has been appointed Chief Executive Officer (CEO) of Loganair, effective Monday 4th March.

CAA proposals aim to make light aircraft safer

The safety of people flying in light aircraft could increase following new proposals put forward by the UK Civil Aviation Authority (CAA), to require active carbon monoxide (CO) detectors to be carried on some piston-engine aircraft.

IBA adds mobile app to Insight capabilities

Aviation market intelligence and advisory company, IBA, has further enhanced its Insight’s fleet monitoring capabilities with a powerful new mobile application.

ODU SK0106300622
See us at
DVD BTSpace Comm Expo BT