[United Kingdom, 29 May 2026] – The UK Resilience Academy (UKRA), part of the Cabinet Office and delivered by Serco Limited, is pleased to announce that it has been recognised as an Assured Service Provider under the National Cyber Security Centre (NCSC) Cyber Incident Exercising (CIE) scheme.

This assurance recognises that UKRA has the capability to design and deliver cyber incident exercising services in line with NCSC expectations, supporting organisations to test and strengthen their preparedness and response to cyber incidents.

Cyber incidents continue to present a significant and growing risk to UK organisations, with a large proportion experiencing breaches or attacks each year. Effective response and recovery are now critical components of organisational resilience, requiring not only technical capability but also coordinated leadership, decision-making, and communication.

The NCSC CIE scheme provides independent assurance that providers are able to deliver effective and structured cyber incident exercising in line with recognised good practice. Through this assurance, UKRA supports organisations in developing and validating their cyber incident response arrangements, helping to build confidence in their ability to manage and recover from cyber incidents.

The UK Resilience Academy is the Cabinet Office’s national centre for resilience training, education, and exercising. It brings together expertise from across government, industry, and academia to support the development of resilient organisations and systems. UKRA delivers a comprehensive offer spanning individual capability building, organisational development, and large-scale exercising, supporting stakeholders across government, the wider public sector, and critical national infrastructure.

Its approach is rooted in real-world application, combining practical learning with exercising to ensure that individuals and organisations are prepared to manage complex and evolving risks, including cyber incidents. This includes supporting leaders and practitioners to understand their roles in incident response, strengthen decision-making under pressure, and improve coordination across teams and organisations.

Achieving NCSC CIE assured status represents an important milestone for UKRA’s growing cyber resilience capability. It reinforces the Academy’s role in supporting organisations to move beyond prevention alone, towards a more comprehensive approach to resilience that includes preparedness, response, and recovery.

CREST is a global not-for-profit organisation dedicated to raising standards and building trust in the cybersecurity profession. As a Delivery Partner for the National Cyber Security Centre (NCSC) scheme, CREST helps organisations identify high-quality providers of cyber incident exercising services.

CREST CEO Nick Benson said:

“Cyber resilience depends not only on technical capability, but also on an organisation’s ability to make effective decisions under pressure and coordinate responses at every level. UKRA’s achievement of NCSC CIE Assured Service Provider status demonstrates a strong commitment to raising standards in cyber preparedness and resilience across the UK.”

Through its assured cyber incident exercising services and wider learning offer, UKRA will continue to support organisations in building the skills, confidence, and capability needed to manage cyber risk effectively in an increasingly complex threat landscape.