Key change in Cyber Security requirements for all potential MOD suppliers effective from 1 October 2017
Industry Security Notice – DEFCON 658 is aimed at informing all suppliers to the UK MOD about its implementation of the Cyber Security Model to ensure the protection of the defence supply chain from cyber threats.
The Industry Security Notice provides guidance to organisations which are or wish to become suppliers to the MOD. It outlines a step change in the MOD’s approach to Cyber Security – going forward, the Cyber Security Model should be passed down the supply chain to protect MOD Identifiable Information.
From October 2017, ALL suppliers that bid for new contracts from the MOD need to abide by DEFCON 658 and show that they meet the cyber security standards mandated by the MOD.
The Cyber Security Model with DEFCON 658 ensures clarity for suppliers bidding for MOD contracts as each MOD contract will have a level of risk associated with it. Each level of risk has a mandatory set of mitigations and suppliers need to ensure they have the necessary compliance in place before being awarded future MOD tenders. Unless the risk profile is marked “N/A”, all MOD tenders will require a level of Cyber Essentials Certification.
The full Industry DEFCON 658 Security Notice is available to download from this link.
Becoming Cyber Essentials certified is a straightforward process involving completing a self-assessment questionnaire. An overview of the certification can be requested here.
Alternatively, you can start your application for Cyber Essentials now through MOD DCO’s partner Defence Contracts International and be well placed for winning contracts with the MOD going forward. Start Now.