More organisations to benefit from National Cyber Security Centre’s cyber incident response scheme

Ron Alalouff reports on the expansion of the NCSC’s cyber incident response scheme to provide a two-tier system for victim organisations.

In addition to organisations such as those running critical national infrastructure and central government, private sector companies, local authorities and charities will now be able to obtain help from the National Cyber Security Centre’s cyber incident response scheme.

Providers of cyber incident response services will now be designated Level 1 or Level 2 by the government agency NCSC, meaning that there will be a larger pool of assured providers to provide incident response services to a wider range of victim organisations in the UK.

Assured providers are assessed to provide incident response services which conform to the NCSC’s cyber incident response technical standards, so that they can help victim organisations to recover from cyber incidents – such as denial of service, malware, ransomware or phishing attacks. They also carry out a full investigation of an incident, along with recommendations on how to prevent it happening again.

Cyber attacks ‘stressful’ for the victims

Cyber attacks are defined by the NCSC as “a breach of a system’s security policy in order to affect its integrity or availability”, or “the unauthorised access or attempted access to a system”.

Level 1 providers are capable of dealing with all types of cyber incident for all types of organisations. The NCSC strongly encourages organisations running networks of national significance to contact a Level 1 company if they experience a cyber attack. It believes that all organisations should use a Level 1 provider if they think they have been the victim of a highly sophisticated attack.

Level 2 companies are assessed as capable of supporting most organisations with common cyber attacks, such as ransomware. This includes private sector organisations outside of critical national infrastructure sectors, charities, local authorities and smaller public sector organisations.

“Falling victim to a cyber attack is really stressful,” said Chris Ensor, the NCSC’s Deputy Director of Cyber Growth. Finding someone with the skills and knowledge to help can also be hard if, like many, you are not familiar with the cyber security world.

“For many years, we have [had] assured cyber incident response services for organisations targeted by the most sophisticated threat actors. I am really pleased that we can now assure a similar service for any organisations affected by criminal threat actors, a service that will be good enough for the majority of incidents that smaller organisations face. The NCSC badge will give confidence that the company they use has the right expertise to help them.”

Listen to the IFSEC Insider podcast!

Each month, the IFSEC Insider (formerly IFSEC Global) Security in Focus podcast brings you conversations with leading figures in the physical security industry. Covering everything from risk management principles and building a security culture, to the key trends ahead in tech and initiatives on diversity and inclusivity, the podcast keeps security professionals up to date with the latest hot topics in the sector.

Available online, and on Spotify, Apple Podcasts and Google Podcasts, tune in for an easy way to remain up to date on the issues affecting your role.

Listen to the podcast today