NCSC Launches Cyber Incident Exercise Scheme

10 mins

In a bid to fortify the nation's cybersecurity infrastructure, the UK's National Cyb...

Mane Defence Team

By Mane Defence Team

In a bid to fortify the nation's cybersecurity infrastructure, the UK's National Cyber Security Centre (NCSC) has taken a significant step forward by introducing a Cyber Incident Exercising (CIE) scheme. This initiative aims to promote and certify assured providers of cyber-incident response exercises, a critical component in today's increasingly digital landscape. Partnering with longstanding allies CREST and IASME, the NCSC is set to bolster the nation's cyber resilience by identifying and nurturing organisations capable of delivering effective incident response exercises.

The Significance of the CIE Scheme

The NCSC's emphasis on incident response exercises comes as a timely and crucial move in the world of cybersecurity. With cyber threats evolving at an alarming pace, businesses and organisations must be equipped with the skills and resources to swiftly and effectively respond to potential breaches. The CIE scheme serves as a beacon to guide organisations towards a heightened state of preparedness, ensuring they are not only aware of potential threats but also capable of mitigating them.

Assured Service Providers: CREST and IASME

Two distinguished organisations, CREST and IASME, have been entrusted as delivery partners for the CIE scheme. Their role is pivotal in assessing the suitability of organisations aiming to become Assured Service Providers. By leveraging their extensive experience and expertise, CREST and IASME will meticulously evaluate the capabilities of potential providers, ensuring they meet the stringent standards set forth by the NCSC.

Inclusive Access for All

The NCSC's commitment to inclusivity is evident in its call for companies of all sizes to apply for the scheme. This open invitation extends to businesses located in geographically remote or under-represented areas. The agency recognises the importance of a diverse and widespread cybersecurity network, one that can effectively safeguard organisations across the nation.

Two Types of Incident Response Exercises

The CIE scheme focuses on evaluating organisations' proficiency in conducting two distinct types of incident response exercises:

  1. Tabletop Exercises: These sessions involve in-depth discussions among participants about their designated roles, responsibilities, and crucial decision-making points within a pre-determined scenario. This type of exercise serves as a valuable preparatory step in understanding potential threats and formulating effective response strategies.
  2. Live-Play Sessions: Tailored for more mature organisations seeking detailed validation of their incident response plans, live-play sessions require real-time responses to a predefined incident scenario. This exercise offers a more hands-on approach, allowing organisations to put their strategies to the test and refine them as needed.

Focus on Organisational Incidents

It's important to note that the exercises conducted under the CIE scheme are designed to simulate incidents specific to a single organisation. Unlike scenarios involving national emergencies or widespread population impact, the focus is on equipping organisations with the tools and knowledge to respond effectively to breaches within their own operational sphere.

The NCSC's launch of the Cyber Incident Exercising scheme represents a significant stride towards fortifying the UK's cybersecurity landscape. By partnering with trusted entities like CREST and IASME, the agency is poised to identify and empower Assured Service Providers, ultimately enhancing the nation's collective cyber resilience. With a focus on inclusivity and a diverse range of exercises, this initiative stands as a testament to the NCSC's dedication to creating a safer digital environment for all. As organisations embrace the CIE scheme, they take a proactive step towards safeguarding their digital future.


We have a strong talent network within the Cyberspace sector, not an easy task as clearly the candidates we are working with don’t advertise their DV / UKIC security cleared status, so this network is built and evolves based on our knowledge of projects, sites and the work being carried out across these.

Get in touch today to learn more about our available candidates.

Contact us

If you are interested in finding out more, speak to one of our recruitment specialists today.

Site by Venn