The UK cyber security firm Bridewell reports that it has added to its accreditations by becoming a Cyber Incident Exercising (CIE) Assured Service Provider with the UK Government’s official National Cyber Security Centre (NCSC).
The firm has been certified to develop and deliver controlled, scenario-based, tailored exercises in line with the NCSC CIE Technical Standard. This allows customers to assess and optimise their cyber incident response plans against operational, financial and regulatory risks. Bridewell is assured to provide two key services to clients. Firstly, the delivery of approved table-top exercises to evaluate an organisation’s roles and responsibilities, expected activities and key decision points in accordance with incident response plans.
Secondly, the firm can provision live-play exercises, where team members carry out their roles and responsibilities from their normal workplaces within a given cyber incident scenario, with activities and decisions assessed in real-time; to gauge where improvements can be made. As part of the membership, Bridewell will share limited, non-attributable info with the NCSC about conducted exercises to help shape UK cyber security advice and guidance.
Martin Riley, Director of Managed Security Services at Bridewell, pictured, said: “In becoming a CIE Assured Service Provider under the requirements of the NCSC, our experts can help organisations to assess the current effectiveness of their incident response plans against a range of emerging threats. With this news, we’re proud to have gained the distinction of holding the most NCSC accreditations for cyber security in the UK.”
The corresponding launch of the CIE Scheme in December 2023 now means organisations areable to access CIE Assured Service Providers, to have bespoke table-top or live-play cyber incident exercises.
About the firm
Bridewell delivers services to critical national infrastructure, aviation, financial services, government and oil and gas. The company’s industry accreditations include NCSC, CREST, CHECK, ASSURE, IASME Consortium, SOC2, Cyber Essentials Plus, the international information security management standard ISO 27001, and the management standard ISO 9001. In terms of payment card data, the firm is a PCI DSS (Payments Cards Industry Security Standards Council) QSA (Qualified Security Assessor). Visit www.bridewell.com.