Cyber Incident Exercising (CIE)
Cyber incident exercising is vital to your organisation’s preparedness as it simulates real-world cyber threats, allowing you to assess, practice and improve your response capabilities. It will enhance your planning and thinking, help you identify weaknesses, foster a proactive security culture and ensure you have a resilient and adaptive defence against ever changing and evolving cyber threats. By exercising and improving your incident response plans, you will be better placed to respond to cyber attacks, have a realistic understanding of your recovery time and ensure you get back up and running more quickly, thereby reducing costs and any reputational damage.
Get in touch
Please note, we can only process business email addresses.
Why URM?
URM is ideally placed to assist your organisation with your cyber incident exercising due to the unique combination of exercising experience and cyber expertise. Since its formation in 2005, URM has been developing and facilitating incident response exercises. Our team of incident management and cyber specialists is hugely experienced and skilled in devising challenging, original and appropriate scenarios which will exercise and validate your incident response plans. Working closely with you, we will ensure the scenarios are realistic, have clear objectives in terms of raising awareness, assess how well participants understand the plans, as well as their own roles and responsibilities and how they work collectively as a team. URM has worked with a wide range of incident management teams as part its exercising and with different areas of focus, from assessing the capabilities of senior management to IT teams, measuring the effectiveness of communication and identifying gaps between actual and expected time to recover.
One feature of our exercising over the last 10 years has been the increasing number of cyber-related exercises we have developed, addressing such threats as malware attacks, ransomware incidents, data breaches and phishing attempts. This is an area where URM is able to excel by virtue of its cybersecurity knowledge supported by our CREST accreditation. Our Technical Team possesses a deep understanding of cybersecurity principles, current threats, and attack methodologies and, as such, is able to develop exercises which are both cutting edge and highly realistic.
Cyber Essentials Update 2026
URM’s blog breaks down key changes to the Cyber Essentials scheme coming into force on 27 April 2026, including the new Danzell Question Set.
URM’s blog explains recent amendments to the Cyber Security and Resilience Bill, how they align with broader regulatory shifts, & practical steps to prepare.
URM’s blog explains the recent open letter to suppliers issued by the NHS, what it means, why it matters, and the practical steps you can take to prepare.
URM’s blog unpacks the Identify Function of the NIST CSF, providing a detailed breakdown of its requirements and what you need to do to meet them.