
IR and SimEx: Can and should they be standardized?
2022-01-17 06:30

The new CIR service will extend that reach significantly to encompass local businesses, large businesses and SMEs, while the new Cyber Incident Exercising Service will target large and medium organizations as well as central and regional UK Government.

The government body is currently selecting its Assured Scheme Partners, with whom it intends to work to devise the operating model and to help determine how it will implement its technical standards across both services.

The goal of a simulated exercise is to practice, evaluate or improve the IR plan, so the real learning comes from how well the incident response process performs.

How closely is the IR plan followed? Should the Information Commissioner's Office be contacted and in which timeframes? Did the comms team know what they should when discussing a with press? Did the technical team remediate using due process? Was evidence safeguarded and protected? This will require the new assurance scheme to set specific tolerances to determine how well departments functioned.

Adding the SimEx service alongside its IR service is a natural next step for the NCSC but a highly significant one for the security sector.

The transparency which the NCSC scheme promises to create will help open the market and drive adoption, making standardization beneficial for business customers and service providers alike, with the latter able to get their IR and SimEx services ratified against the NCSC's standards, providing them with a new route to market.


News URL

https://www.helpnetsecurity.com/2022/01/17/ir-simex/