NCSC launches 'Exercise in a Box' online tool to help charities strengthen their cyber security

’Exercise in a Box’

As the dark days of January finally begin to fade, thoughts turn to the year ahead and the new challenges that lay in store for us all. Whilst many of us will have taken a well-deserved break over the festive period and come back afresh ready to face the year ahead, unfortunately, cyber criminals have also been busy and are similarly keen to get back to work. It’s therefore important to consider how prepared for a cyber attack your charity is.

Many charities have previously been put off assessing how prepared their organisation is, thinking it was too difficult, expensive or time-consuming to do or simply because it wasn’t clear how beneficial it could be.

Research conducted by National Cyber Security Centre (NCSC) however has demonstrated that one of the best ways to improve your cyber security is to undertake some reflective self-assessment and assess your comparative strengths and weaknesses. In short, flexing your cyber muscles in advance is the best way to prepare yourself to fend off future attacks and, in the event that you are attacked ensures you have practised your response plans.

That is why last year, NCSC launched an online tool called “Exercise in a Box” that is completely free to access, simple to use, and allows you to practice how you would respond to a range of cyber attacks. By using Exercise in a Box, you’ll find out how well prepared your organisation is, and where opportunities for improvements may lie. It will help you to:

• Establish how effective your current defence and response mechanisms are
• Test and check your existing policies and procedures
• Improve your colleagues’ internal relationships and skills (specifically their ability to deal with an actual cyber attack)
• Identify areas for further improvement
• Access relevant guidance from the NCSC

The tool provides you with a final report with actions to follow up after the exercise and directs you to relevant guidance on the NCSC website to help you put in place improvements to your organisation’s cyber security.

About the NCSC

The National Cyber Security Centre is the government agency responsible for cyber security in the UK. Its mission is to make the UK the safest place to live and work online.

They provide support to the most critical organisations in the UK, the wider public sector, industry, charities, SMEs as well as the general public. When incidents do occur, they provide effective incident response to minimise harm to the UK, help with recovery, and learn lessons for the future.