NCSC unveils new Cyber Incident Exercising scheme
The National Cyber Security Centre (NCSC) has launched its new Cyber Incident Exercising (CIE) scheme to help enhance the UK's cyber resilience
The scheme facilitates access to NCSC assured providers for conducting tailored cyber incident exercises.
The providers deliver two types of controlled, scenario-based, exercises:
- Table-top exercises: Discussions about roles, responsibilities, and decision points based on an incident response plan.
- Live-play exercises: Real-time sessions responding to controlled information feeds for in-depth plan validation.
The exercises aim to challenge businesses and organisations to test their incident response against various cyber incident scenarios, and robustly practice their responses in a secure environment.
Read more about the Cyber Incident Exercising scheme and find a list of NCSC assured CIE providers.
The CIE scheme is aimed at organisations with existing cyber incident response plans. It covers category 3, 4 and 5 incidents on the UK's cyber attack categorisation system, ie incidents that have the potential for significant operational, financial, or regulatory impacts.
If you're new to cyber exercising, or looking for off-the-shelf, generic exercises, consider using the NCSC's free Exercise in a Box online tool. This tool contains easy-to-use materials that allow you to test your incident response against a host of cyber incident scenarios.
First published 11 December 2023