The National Cyber Security Centre (NCSC) has announced plans to launch the Cyber Incident Response Level 2 (CIR L2) scheme, aimed at providing comprehensive support to victims of common cyber attacks driven by financial motives. With its first delivery partner, CREST, already onboard, the NCSC is inviting incident response providers to join this groundbreaking initiative.Building upon the successful launch of the Cyber Advisor program in April, which targeted small and medium-sized organizations, the NCSC is expanding its incident response scheme to cater to a broader clientele. Recognizing the importance of collaboration, the NCSC is proud to introduce CREST as its inaugural Delivery Partner.The existing Cyber Incident Response scheme, now known as Cyber Incident Response Level 1 (CIR L1), has long provided assurance to companies offering incident response services to central government agencies, Critical National Infrastructure organizations, and international entities. These CIR L1 providers have played a vital role in assisting clients in responding to and recovering from complex, targeted cyber attacks.However, the NCSC acknowledges that CIR Level 1 is not suitable for and lacks the capacity to assist most victims of cyber attacks, particularly private sector organizations, charities, local authorities, smaller public sector bodies, and organizations operating predominantly in the UK. These groups are more likely to face non-targeted, financially-motivated attacks that can still be challenging and damaging. They often require external help and advice to manage and recover from such incidents.To bridge this gap, the NCSC is launching the Cyber Incident Response Level 2 (CIR L2) scheme, leveraging the expertise of its Delivery Partners. The first Delivery Partner to join forces with the NCSC is CREST. As part of their role, Delivery Partners will handle the assessment, onboarding, monitoring, and offboarding of Assured Service Providers, ensuring compliance with the NCSC’s stringent technical and organizational standards.UK-based providers of incident response services can now approach CREST with their inquiries and submit applications to join the scheme. The NCSC’s website provides access to the scheme standards, while CREST’s website offers detailed information about the fee structure and application process. Once a sufficient number of companies have been accepted into the scheme, the NCSC will declare it open for business and publish relevant information for prospective buyers.Looking ahead, the NCSC plans to announce a second Delivery Partner for CIR L2 and introduce a new initiative to assure companies that offer Cyber Incident Exercising Services. Stakeholders in the industry are encouraged to stay informed about these developments through future updates.It is important to note that although the NCSC is currently working through Delivery Partners, they are committed to ensuring that companies of all sizes can apply to join their schemes directly. They particularly encourage applications from companies in geographically remote or underrepresented areas. Additionally, if any artificial barriers hinder prospective applicants from participating, the NCSC urges them to report the issue, as they actively strive to eliminate such obstacles.The NCSC’s dedication to expanding the scope of cyber incident response demonstrates its commitment to safeguarding organizations across various sectors, empowering them to effectively navigate the ever-evolving cyber threat landscape.
Subscribe to our mailing list to get the new updates!
October 20, 2023
October 20, 2023