New NCSC Cyber Incident Exercising scheme opens for business
December 2023 by Marc Jacob
The NCSC is launching a new Cyber Incident Exercising scheme, giving organisations access to NCSC assured Exercising providers for the first time.
In August, the NCSC announced CREST and IASME as Delivery Partners for the scheme, to manage the assessment on behalf of the NCSC, and to onboard the assured exercising service providers. With a number of Assured Service Providers now in place, the scheme is open for business.
The new CIE Scheme provides organisations with access to NCSC assured CIE service providers able to create bespoke, structured table-top or live-play cyber incident exercises. Assured Cyber Incident Exercising companies will work alongside, challenge and help organisations to robustly practise their responses in a safe environment. It sits alongside the NCSC’s free and easy to use Exercise in A Box tool that allows testing of incident response against a host of generic cyber incident scenarios.
The scheme assures companies to deliver two types of cyber exercises:
• Table-Top – discussion-based sessions where participants talk about their roles and responsibilities, activities and key decision points (in line with their organisation’s incident response plan) for a pre-agreed scenario.
• Live-Play – sessions where participants carry out their roles and responsibilities in close to real time, in response to a controlled feed of information, representing a pre-agreed scenario. Live play exercises are best suited to mature organisations looking for in-depth validation of plans.
The exercises are designed to simulate incidents which have a significant impact on a single client organisation. The scheme does not cover category 1 and category 2 incidents, as defined by the UK cyber incident categorisation system.