in Security

NCSC seeks companies to develop cyber assurance scheme

Posted 5 November 2021 · Add Comment

The National Cyber Security Centre (NCSC) is seeking companies to help develop the assurance scheme for new Cyber Incident Response and Cyber Incident Exercising Services.



Image courtesy NCSC

The NCSC is conducting a market engagement exercise to develop a new scheme that will assure a new Cyber Incident Response Service and a new Cyber Incident Exercising Service.

The new NCSC Assured Cyber Incident Response Level 2 and Cyber Incident Exercising Scheme will provide a route for businesses offering cyber incident response and cyber incident exercising services, to have those services assured against NCSC Standards.

The Cyber Incident Response Level 2 Service will assure incident response services that are offered by companies to local government and large, medium and small businesses. It will complement and extend the NCSC’s existing CIR Service (shortly to be re-branded as the Cyber Incident Response Level 1 Service) which currently supports UK Central Government and large businesses with complex IT systems.

The Cyber Incident Exercising Service will assure scenario-based exercising services, covering table-top and live-play formats, that are offered by companies to large and medium sized organisations and UK Government (central and regional) who want to practice, evaluate and improve their cyber incident response plans in a safe environment.

Companies wishing to provide these new service offerings to end users and who can demonstrate that they meet NCSC standards, will be referred to as Assured Service Providers.

Service Providers can choose to offer both the Cyber Incident Response Level 2 Service and the Cyber Incident Exercising Service, or to specialise in the delivery of one of those services.

The Service Providers will be administered by Assured Scheme Partners who will engage candidate Service Providers, assess them against NCSC standards, on-board successful candidates and assure the ongoing quality of the Service Providers’ service.

These Scheme Partners will be required to administer both the Cyber Incident Response Level 2 Service and the Cyber Incident Exercising Service. A Scheme Partner will not be allowed to operate as a Service Provider.

Market engagement exercise
The NCSC is now inviting prospective Assured Scheme Partners to participate in a market engagement exercise to review and contribute to the final design of the new scheme. This is likely to include reviewing:

  • the proposed operating model
  • how NCSC’s technical standards for the two services will be implemented
  • how management information will be collected.

If you represent a company that might be a prospective Assured Scheme Partner and would like to participate in the market engagement exercise, please email to register your interest Comm.Schemes@ncsc.gov.uk by providing details of your company.

If you are likely to be interested in becoming an Assured Service Provider rather than an Assured Scheme Partner, please do not apply to participate in the market engagement exercise but instead wait until we announce the launch of the scheme, probably during Q2 2022. At that time NCSC will announce that the scheme is open for applications from potential Service Providers.

Not taking part in the market engagement will not exclude companies from applying to be Assured Scheme Partners or Assured Service Providers when the scheme is launched.

The closing date for submissions to join the market engagement is Friday 12th November 2021, at 5pm.
 

 

 

* required field

Post a comment

Other Stories
Advertisement
Latest News

Serco acquires Sapienza

Serco Group plc has entered into an agreement to acquire Sapienza Group, from TP Group plc, to expand its offering to the European space sector.

Menzies Aviation renews Air Canada contract at Heathrow

Menzies Aviation today announced it has renewed a significant ground services contract with Air Canada at Heathrow Airport (LHR) and won new business at Copenhagen Airport (CPH).

Views sought to boost security of UK data centres and cloud services

Looking to strengthen security and resilience of UK’s data infrastructure to protect against outages and national security threats, the Government has announced it is seeking views on how to boost the security and resilience of

UK Government to host AFF22 onboard HMS Prince of Wales in New York

On 28th-29th September, the UK Government will host the Atlantic Future Forum (AFF22) on the aircraft carrier HMS Prince of Wales in New York, bringing together senior politicians, policymakers, military leaders, academia, business

Stay ahead of the airplane

Neil Ballinger, head of EMEA at EU Automation, looks at ways of stepping up to the challenges currently facing aerospace supply chains.

Airbus launches UK ZEDC

Airbus is strengthening its presence in the UK with the launch of a Zero Emission Development Centre (ZEDC) for hydrogen technologies, to be based in Filton, Bristol.

Future Armoured Vehicles Weapon Systems
See us at
Future Arm Vehicles Active Protection Systems BTDVD BT2704220922Advanced Engin BT2504031122Future Armoured Vehicles Weapon Systems BTFuture Arm Vehicles Power Systems BT