
Building Cyber Resilience: UK Government Mandates Annual Cyber Incident Exercises 

  • nicolaferraritest
  • Aug 28

August 2025


In a decisive move to strengthen the UK’s cyber resilience, the Government has introduced a new Cyber Incident Exercising (CIE) Policy. This policy mandates that all Lead Government Departments (LGDs), Arm’s Length Bodies (ALBs), and other public organisations conduct at least one cyber incident response exercise per year.


As cyber threats grow in scale and sophistication, this policy ensures that public sector organisations are not only prepared to respond to incidents but are continuously improving their ability to recover and adapt.


What Is Cyber Incident Exercising?


Cyber Incident Exercising (CIE) is a structured approach to testing an organisation’s ability to respond to cyber threats. It goes beyond technical drills, involving cross-functional teams and realistic scenarios to simulate the pressures and complexities of a real cyber attack.


The new policy outlines clear expectations for these exercises:


  • Comprehensive Testing: Exercises must cover the full incident response cycle - from detection and containment to recovery and post-incident review.

  • Inclusive Participation: Senior leaders, technical experts, and non-cyber teams must all be involved to ensure a holistic response.

  • Realistic Scenarios: Exercises should be informed by current threat intelligence and past incidents to reflect real-world challenges.

  • Actionable Outcomes: Lessons learned must be documented and translated into tangible improvements in cyber resilience.


Encouraging Collaboration


The policy also promotes cross-organisational collaboration, especially where systems or data are shared. Joint exercises can uncover interdependencies and improve coordination across public bodies. Organisations are encouraged to share outcomes with the Government Cyber Coordination Centre (GC3 – a collaboration between NCSC, the Government Security Group and the Central Digital and Data Office) to help build a stronger national cyber defence posture.


How Avella Can Help


As an NCSC Assured Provider of Cyber Incident Exercising (CIE), we specialise in helping public sector organisations meet their cyber resilience goals through tailored CIE programmes.


Whether you're preparing for your first annual exercise or looking to enhance existing capabilities, Avella offers:


✅ Custom-designed CIE scenarios aligned with your threat landscape and operational context.

✅ Facilitated tabletop and live-play exercises involving leadership, technical teams, and business units.

✅ Post-exercise analysis and reporting to capture lessons learned and drive measurable improvements.

✅ Support for cross-organisational collaboration, including shared systems and data environments.

✅ Integration with GC3 reporting requirements to ensure national alignment.


Our team brings deep expertise in cyber risk, incident response, and public sector operations - ensuring your exercises are not only compliant, but truly impactful.


Get in touch to learn how Avella can support your organisation’s cyber resilience journey.

 
