Data Driven Futures

MoD sets up cyber team for secure innovation

Written by Peter Walker
30/09/19

The Ministry of Defence (MoD) has set up a Defence Innovation Cyber Security and Assurance Team (DICSAT) to support its Defence Assurance and Information Security (DAIS) service.

Based in London, it will provide advice on support for innovation projects, for up to two years with a budget of £2 million.

The move comes from a recognition that innovation projects tend not to have their own security in place to support DAIS, and that the body does not have the resources to provide sufficient support to all of the projects.

The problem is intensified by the use of emerging technologies, which many existing staff are not familiar with.

As a result, DICSAT has been set up to provide security assurance for each stage in innovation projects. A procurement notice stated that without this, assurance the teams could be denied access to MoD infrastructure and information.

An early draft mandate for the DICSAT has been drawn up and a process generated for assessing the risks of particular projects.

DAIS provides a range of information assurance support to defence and its industry partners, including: tracking and provision of management information for all defence accreditation activity; assessment of evidence submitted in support of the accreditation process; final sign-off and provision of a certificate and letter of accreditation; and the progression and review of risk balance cases prior to sign-off by the MoD senior information risk owner.

Seperately, parliament is planning to run a cyber capability change programme, beginning early next year.

It is currently seeking consultancy services covering technical analysis, systems, technical and management consultancy.

An official notice stated that issues such the behavioural and cultural change needed to maintain its cyber capability will be tackled, as well as workforce management strategy.

Parliament has been identified as a high profile target for cyber attackers and has previously run campaigns to encourage cyber security awareness among its staff.