The Defence Cyber Protection Partnership (DCPP) is a government industry initiative formed to create a joint response to the cyber threat and aims to protect the UK’s military capability by enhancing cyber defence through the MOD’s supply chain, while preserving existing investment in cyber security measures.
As part of the partnership, the MoD has created a number of cyber security standards that must be met in order to do business with the MOD. These requirements are outlined in the Cyber Security Model (CSM). Here, Phil discusses how DPRTE 2018 will help the DCPP engage with the defence supply chain and helping them understand these cyber security requirements.
What differentiates DPRTE from other events in the defence calendar for the Defence Cyber Protection Partnership?
DPRTE is my largest event to date with a focus on defence, procurement and the supply chain. As ever, my main aim is to reach out to SMEs not yet engaged with this new mandatory requirement to protect MOD identifiable Information. It is also a great opportunity to collaborate with other organisations, sharing best practice and exchanging information.
Do events like DPRTE present the Defence Cyber Protection Partnership with the best opportunity to reach out to the defence supply chain?
We are actively trying to engage with any company that is either currently in the defence supply chain or want to be. There will be thousands of companies represented at this event and we have the opportunity to both present to an audience and engage on a one to one basis.
What message are you keen to get out to the defence supply chain?
This is a new mandated requirement which impacts throughout the entire supply chain. It’s there because of the potential impact “bad cyber” can have across the Defence Supply Chain. Familiarise yourselves with the process now, not when a submission is due.
What help is available to companies looking to enter the defence industry and become CSM compliant?
The DCPP Website: https://www.gov.uk/government/collections/defence-cyber-protection-partnership has information including a Buyer / Supplier Guide, Workflow document and risk profile requirements. A link to the tool is also provided and this allows companies to try out a Supplier Assurance Questionnaire without it being linked to a contract. This is a very transparent process intended to improve cyber security not sift companies out. There is also NCSC’s Cyber Essentials Web site: https://www.cyberessentials.ncsc.gov.uk/
For companies not yet meeting the required controls, there is an option to provide a Cyber Implementation Plan (CIP).
Companies offering cyber security services also have a lot to offer, both in attaining compliance and supporting the flow-down risk acceptance process.
Where can people find you at DPRTE?
We will be at Stand 17 throughout the event. But also come and hear our presentation “Defence Contracting: Understanding Mandatory Cyber Requirements” at the Supply Chain and Partnering Zone, between 12.00 and 12:30.
Don’t miss out on this fantastic chance to attend DPRTE 2018, book now at www.dprte.co.uk/book-now
If you would like to join our community and read more articles like this then please click here.