It has been 13 years since NIST [the US National Institute of Standards and Technology] released a major update to its go-to guide on incident response. The newly revamped SP 800-61 Rev. 3, officially titled Incident Response Recommendations and Considerations for Cybersecurity Risk Management: A CSF 2.0 Community Profile, is a ground-up rewrite designed to align tightly with the NIST Cybersecurity Framework (CSF) 2.0.

As the incident response landscape continues to evolve, it is essential for organisations and institutions to stay informed about these emerging standards and best practices. Understanding these developments is key to maintaining robust security and operational resilience, and that’s exactly what we’ll be exploring within this article.

What Makes Revision 3 So Impactful?

CSF 2.0 Functions at Its Core

SP 800-61 Rev. 3 maps its guidance across all six CSF 2.0 functions (Govern, Identify, Protect, Detect, Respond, and Recover), offering a unified standard that’s already familiar to cybersecurity professionals. This isn’t just academic: NIST is betting that your incident response will evolve from a siloed function into a fully integrated lifecycle.

An Incident Response Lifecycle Reimagined

The old circular model (detect → analyse → contain → recover → learn) has been replaced by a layered structure:

  • Foundation – Govern, Identify, Protect (preparation and prevention)
  • Operational Core – Detect, Respond, Recover (active incident handling)
  • Continuous Improvement – The Identify/Improvement function is linked to all stages via feedback loops

It’s a setup that acknowledges how incidents now unfold in dynamic, high-stakes environments, and the continuous learning required to stay ahead.

Sharper, More Usable Content

According to NIST, Revision 3 has been fully rewritten for clarity and relevance, removing outdated examples and making the document more actionable.

Wider Roles, Shared Responsibility

Where once “incident response” meant a small, specialised team, now it “encompasses legal, communications, leadership and sometimes external partners,” all sharing responsibility in a collaborative model.

This could include:

  • Executive leadership and board-level oversight
  • Internal incident handlers and technical teams
  • Legal, HR, and public relations
  • External support via managed service providers or law enforcement

NIST even highlights the importance of clear contracting and accountability when outsourcing parts of the response function.

Cutting Policies, Playbooks & Procedures

Revision 3 provides guidance on updating incident response policies, recommending inclusion of:

  • Management commitment, scope, and clear definitions
  • Roles, authority (e.g., who can shut systems down)
  • Incident triage, categorisation, escalation criteria
  • Performance metrics and protocols for continual evaluation

But this isn’t just a checklist; it also suggests standard operating procedures and playbooks that can be exercised, refined, and made fit for real-world chaos.

Conclusion

If you’re already employing CSF 2.0 or basing your strategy on earlier versions of SP 800-61, Revision 3 is truly mission-critical. Its updated structure and lifecycle model ensure incident response is embedded across your organisation and not siloed. Furthermore, with evolving threat landscapes, the emphasis on continuous learning and cross-functional collaboration is more than timely; it’s essential.

How AJC Can Help

Wondering how to align with NIST’s new incident response guidance without getting buried in policy rewrites? That’s where we can help. At AJC, we offer practical, hands-on support to help your organisation operationalise the latest cyber security best practices.

What we offer:

Review & Redesign
We assess and refine your existing incident response policies, playbooks, and workflows, mapping them directly to the CSF 2.0 framework. Expect tailored, usable documentation that actually makes sense in a crisis.

Train & Exercise
AJC runs immersive desktop exercises and simulation workshops for your full team: executives, tech staff, legal, HR, and comms. These aren’t checkbox drills; they’re dynamic, stress-tested scenarios that build organisational muscle memory.

Contact us on 020 7101 4861 or email us at info@ajollyconsulting.co.uk if you think we can help.


References 

NIST Publishes Updated Incident Response Recommendations and Considerations | Inside Privacy

NIST publishes SP 800-61 Rev. 3, overhauling incident response guidance for CSF 2.0 – Industrial Cyber

Incident Response Recommendations and Considerations for Cybersecurity Risk Management: A CSF 2.0 Community Profile
