CONNECTING THE DEFENCE COMMUNITY WITH INSIGHT, INTELLIGENCE & OPPORTUNITIES

Officially Supported By: Defence Contracts International Supply2Defence

Official Media Partners for:

A full lifecycle IA approach for suppliers and buyers 

Information Assurance (IA) is now a well-established countermeasure to the growing cyber threat that all organisations and citizens face. The UK Government’s new Cyber Security Strategy 2016-21 is testament to the importance we should all afford the issue.

This importance is particularly applicable to the defence sector. For some time, the Government has insisted that all its suppliers conform to the new Cyber Essentials Scheme (CES). This went up a gear in April 2017 with the Ministry of Defence’s (MOD) launch of the Cyber Security Model (CSM). To be compliant, the MOD supply chain will now need to have Cyber Essentials or Cyber Essentials Plus and information security governance policies in place. 

While schemes and standards like CES and ISO27001 are a good start, in practice IA isn’t always integral to our working practices and systems. Often we pay lip service to it or add it as an afterthought. In major defence projects, especially ones that involve sensitive information, this is just not acceptable. IA must be built in all the way through.

IA Inside from Ascentor is designed to help buyers and suppliers do exactly that – making IA holistic, integrated and effective throughout the project lifecycle.

Caption: IA Inside: designed to integrate Information Assurance into the four main lifecycle phases of every project

IA Inside: designed to integrate Information Assurance into the four main lifecycle phases of every project

“In over a decade of working with public sector buyers and suppliers, we have rarely seen a joined up approach to IA. At best it’s fragmented, at worst it’s missing altogether. Bolting IA on at the end just isn’t viable so we’ve come up with the IA Inside concept to help all the actors on the IA stage.” Dave James, Managing Director of Ascentor

Here’s how it works:

IA Inside for Buyers

Specification Phase

Identifying information risks and protecting your information should not simply be a question of conformance to policy; it is good business practice. The earlier you analyse your requirements the better, so you can embed them in the specification and lay the foundation for a robust approach to securing your information.

Procurement Phase

Once the specification contains IA requirements, it’s important to give them focus and weight during the procurement phase. The Invitation to Tender (ITT) could highlight IA by setting scored questions seeking both the supplier’s IA approach to the project and the supplier’s corporate IA credentials.

Buyer Benefits

Building IA into the heart of your projects will save you money and reduce risk. Remember the principles of Total Quality Management and structured software engineering? Defects found early in the process are easier and quicker to fix, and therefore cheaper to fix, than those found later. It makes perfect sense, so why not do the same for IA?

MOD Benefits

IA Inside would help the MOD assess and specify its information risks, and ensure they are handled in accordance with JSP440 and to the satisfaction of the accreditor.

 

IA Inside for Suppliers

Tender Phase

As IA increases in importance and starts to feature explicitly in ITTs, suppliers treating IA seriously will be in a stronger position. When IA is implicit, hidden or missing altogether, suppliers can often treat it as something to ignore or trade-off in favour of lower cost, taking a “we’ll worry about it later if we win” attitude. With IA Inside, this won’t work any longer.

Delivery Phase

By the time delivery commences on an IA Inside project, the IA elements will be built in to the approach. Suppliers will need to deliver on their promise rather than go back to the drawing board when IA is mentioned.

Supplier Benefits

IA superiority is starting to count. Having robust IA from both a business and project perspective should enable you to build competitive advantage. You may also save money as you will enter the delivery phase with IA well-defined and budgeted, so there will be no risk of you having to add functionality from your contingency fund.

 

This article was submitted by Dave James, MD of Ascentor. Ascentor provides support and guidance to public sector organisations and departments that have very high value and sensitive information assets. www.ascentor.co.uk

Ascentor Cyber cyber security Data Information

Post written by: Vicky Maggiani

Vicky has worked in media for over 20 years and has a wealth of experience in editing and creating copy for a variety of sectors.


LATEST STAKEHOLDER

Become a Stakeholder today and benefit from an exclusive marketing package which will allow you to:

  • Engage with active defence buyers and key supply chain partners
  • Create your own branded micro-site which within Defence Online which is managed by you
  • Have a dedicated Digital Account Manager to help enhance your Stakeholder page
  • Promote your news, products, press releases, eBooks and Videos as a Defence Online partner which feeds through to our homepage and social media channels
  • Have your company promoted on our partner website Defence Contracts Online (DCO)
  • All news promoted in mynewsdesk, a major hub for all of our news articles which enables news to be picked up from trade magazines, national newspapers and many other publications which offers extra exposure at no additional cost!

Contact us today or call us on 0845 557 1315 to take advantage of this exclusive marketing package


.

RELATED ARTICLES

A new partnership between Babcock International Group (Babcock) and Palantir Technologies UK, which will see its digital data defence capabilities strengthened

March 22, 2024

Homeland - DISA outlines blueprint for new data strategy

By Kassie Garrett / DISA Enterprise Integration and Innovation The “2023 Data, Analytics and Artificial Intelligence Adoption Strategy,” developed by the

Defence Cyber Marvel 3 (DCM3) has taken place in Estonia - the first pan-Defence initiative to build a grass roots community across Defence, His Majesty’s Government and international allies and partners.

February 27, 2024

Homeland - Global cyber competition secures and strengthens key relationships

Defence Cyber Marvel 3 (DCM3) has taken place in Estonia – the first pan-Defence initiative to build a grass roots community