The UK’s National Cyber Security Centre (NCSC) has announced a significant expansion of its assured Cyber Incident Response (CIR) scheme, introducing a new tier to the program.
The updated scheme will now categorize companies providing CIR services into Level 1 and Level 2, thereby enabling a broader range of companies to deliver high-quality incident response assistance to a larger number of victim organizations across the United Kingdom.
The NCSC’s Cyber Incident Response scheme is a well-established initiative that aids organizations navigating cyberattacks by quickly identifying reputable providers of commercial incident response services. These certified companies assist in investigating and recovering from cyberattacks while also providing guidance on preventing future threats.
Previously, the CIR scheme concentrated on assuring companies capable of offering incident response services to entities operating networks of national significance. This typically included central government bodies, critical national infrastructure organizations, and regulated industries, all of which face heightened risks from targeted and sophisticated attacks carried out by nation-state actors.
Level 1 Assured Service Providers possess the capability to address various types of cyber incidents across all types of organizations. The NCSC strongly encourages organizations operating national significance networks to engage with a Level 1 service provider when confronted with a cyber attack, especially if it is a highly sophisticated attack.
Level 2 companies, on the other hand, are deemed capable of providing support for most organizations facing common cyber threats, such as ransomware attacks. This category includes private sector companies outside of critical infrastructure sectors, charities, local authorities, and smaller public sector organizations.
Chris Ensor, Deputy Director of Cyber Growth at the NCSC, shared his thoughts on the expansion:
“Being a victim of a cyber attack can be extremely stressful. Finding professionals with the required skills and knowledge to assist can be a daunting task, especially for those unfamiliar with the cybersecurity landscape. We’ve been providing Assured Cyber Incident Response services for organizations targeted by the most advanced threat actors for many years.”
“I am delighted that we can now offer a similar service for any organization affected by criminal threat actors. This service will be suitable for the majority of incidents faced by smaller organizations. The NCSC badge will provide assurance that the chosen company possesses the expertise needed to assist them.”
Organizations that fall victim to cyber attacks are advised to report incidents via the NCSC’s designated channels. Those in search of an NCSC Assured Cyber Incident Response provider can access a list of certified providers through the CIR scheme’s “Find a Provider” page on the NCSC website.
For incident response companies interested in joining the new Level 2 of the CIR scheme, detailed information can be found on the scheme’s “Information for Service Providers” page.
In its capacity as the National Technical Authority for cybersecurity, the NCSC collaborates with the industry to extend the reach of its cybersecurity initiatives. This includes assessing industry services against NCSC’s rigorous standards. The initiative has brought together over 400 companies offering services in partnership with the NCSC.
https://www.ncsc.gov.uk//news/ncsc-cyber-incident-response-scheme-available-more-organisations