Cyber Incident Exercising

Peritus is uniquely positioned to support you in your cyber incident exercises. By partnering with approved Cyber Incident Exercising (CIE) Assured Service Providers as part of the National Cyber Security Centre (NCSC) scheme.

Cyber Incident Exercising (CIE)

Conducting cyber incident exercises is crucial for your organisation's readiness as it replicates real-world cyber threats, enabling you to evaluate, rehearse, and enhance your response capabilities. These exercises will improve your strategic thinking, pinpoint vulnerabilities, promote a proactive security mindset, and establish a robust defense against the constantly evolving cyber landscape. By practicing and refining your incident response strategies, you will be better equipped to handle cyberattacks, accurately gauge recovery time, and expedite the resumption of operations, ultimately minimising expenses and potential harm to your reputation.

NCSC Cyber Incident Exercising Scheme

As a partner of an approved provider of Cyber Incident Exercising (CIE) Assured Services under the National Cyber Security Centre (NCSC) scheme, Peritus is well-positioned to support your cyber incident exercising needs. Being part of this scheme ensures that Peritus adheres to the NCSC's strict standards for creating and conducting high-quality cyber incident exercises, with the necessary expertise to develop tailored exercises.

The NCSC CIE scheme, managed by IASME, focuses on two types of cyber exercises:

  • Table-Top: A scenario-based exercise where Peritus creates a situation based on your organization's information. Participants respond to evolving scenarios in line with your incident response plan.

  • Live-Play: Participants fulfill their roles in nearly real-time, responding to controlled information feeds based on scenarios agreed upon with your organization.

These exercises aim to replicate incidents with significant impacts on individual organisations and do not cover category 1 and category 2 incidents according to the UK cyber incident categorization system.

Why Peritus

By partnering exclusively with CREST-accredited organisations, Peritus can offer assurance that its cybersecurity penetratioan testing is backed by independently evaluated policies, processes, and procedures. Accreditation to the CREST OVS program demonstrates Peritus' dedication to employing highly skilled professionals capable of conducting Level 1 and Level 2 ASVS and MASVS assessments for web and mobile applications. From project initiation to completion, Peritus supports clients throughout the penetration testing process. Their expert team aids in scoping, provides updates during assessments, conducts debrief meetings post-assessment, and guides clients through the remediation phase. Understanding that penetration testing aims to mitigate risks to clients' assets, Peritus offers a complimentary retest for any high or critical vulnerabilities identified within 30 days post-assessment.

Setting Peritus apart is its comprehensive approach, not only offering advanced testing services but also providing governance, risk, compliance solutions, policy development, processes, and training to address security gaps. As a Payment Card Industry Qualified Security Assessor Company (PCI QSAC), Peritus can deliver assessment consultancy, Report on Compliance (RoC) services, and PCI penetration testing services through their URM teams.