-
CSMv4 Compliance: MOD Cyber Requirements Explained
Read more: CSMv4 Compliance: MOD Cyber Requirements ExplainedCSMv4 is now the current MOD Cyber Security Model for supplier cyber assurance. It is built around Defence Standard 05-138 Issue 4 and DEFCON 658, with the aim of applying a more proportionate, risk-based and evidence-led approach across the defence supply chain.
-
Preparing for DCC Evidence Requirements
Read more: Preparing for DCC Evidence RequirementsThe Defence Cyber Certification (DCC) scheme, launched in 2025, represents a fundamental shift in how the MOD validates cyber security across its supply chain. Unlike the previous Supplier Assurance Questionnaire (SAQ) approach that relied on self-assessment, DCC introduces independent, third-party verification of controls outlined in DefStan 05-138.
-
Bolstering SME Cyber Resilience
Read more: Bolstering SME Cyber ResilienceIn his latest article, first written for, and published by BCS ITNow Magazine, Logiq Security Practice Lead, Matthew Mackay CISM CISA, outlines why smaller organisations must adopt a principles-based approach to managing cyber risk. Strong cybersecurity practices can not only enable SMEs to protect themselves from cyber threats, but also offer a competitive advantage, particularly…
-
Logiq to Exhibit at DSEI 2025
Read more: Logiq to Exhibit at DSEI 2025Logiq is pleased to confirm its participation in DSEI 2025, taking place from 9–12 September at ExCeL London. As one of the UK’s most prominent defence and security events, DSEI brings together government, military, and industry stakeholders from around the world. Logiq will be exhibiting at stand S14-136. With a core specialism in cyber security…
-
CSMv4 – Building Cyber Security into the Defence Supply Chain
Read more: CSMv4 – Building Cyber Security into the Defence Supply ChainPreparing MOD Suppliers for CSMv4 Readiness This article reflects guidance as at 25 July 2025. For the latest updates, visit the MOD Cyber Security Model page on gov.uk. Back in January, we explored what CSMv4 means for the defence supply chain and why it represents a significant evolution from CSMv3. With the publication of Def…
-
Logiq Among First to Achieve Defence Cyber Certification (DCC) Level 0
Read more: Logiq Among First to Achieve Defence Cyber Certification (DCC) Level 0Logiq is proud to announce that it has officially achieved Level 0 certification under the UK’s Defence Cyber Certification (DCC) scheme – placing the company among the first organisations to be certified under the new standard. Issued by IASME, the certification confirms that Logiq meets the baseline cyber security requirements expected of suppliers working with…
-
From Information Security to Cyber Security: Aligning Security with Organisational Objectives
Read more: From Information Security to Cyber Security: Aligning Security with Organisational ObjectivesBy Matthew Mackay CISA CISM CITP MBCS ChCSP MCIIS, Security Practice Lead at Logiq Article written for and first published by techUK It’s time we stop thinking in terms of ‘information security’ and start thinking in terms of ‘cyber security’; not just as a linguistic shift, but a fundamental shift in the way we view…
-
SaaS or Self-Hosted: What’s the right ServiceNow strategy for your organisation?
Read more: SaaS or Self-Hosted: What’s the right ServiceNow strategy for your organisation?ServiceNow has become the go-to platform for organisations seeking to streamline workflows, automate service delivery and drive digital transformation. With its extensive capabilities, the platform presents huge value opportunities but also requires a key consideration – the deployment strategy. Does the organisation and associated infrastructure require a conventional, vendor-hosted SaaS solution or a self-hosted instance?…
-
Defence Cyber Certification: Aligning Risk Profiles with Real Assurance
Read more: Defence Cyber Certification: Aligning Risk Profiles with Real AssuranceIn a previous article, we explored the MOD’s Cyber Security Model version 4 (CSMv4), the framework that introduced structured risk profiles to assess the cyber requirements of defence contracts. Now, we turn our attention to what comes next: Defence Cyber Certification (DCC), the formal mechanism that ensures Defence Suppliers meet the resilience standards required across…
-
Logiq Achieves Silver Award in Defence Employer Recognition Scheme
Read more: Logiq Achieves Silver Award in Defence Employer Recognition SchemeWe’re proud to announce that Logiq has been awarded the Silver Award under the Ministry of Defence’s Employer Recognition Scheme (ERS), marking another significant milestone in our ongoing commitment to supporting the UK’s Armed Forces community. This achievement comes just months after we were recognised with the Bronze Award in Q1 2025, demonstrating our continued…
-
The True Cost of a Cyber Attack on the Defence Supply Chain
Read more: The True Cost of a Cyber Attack on the Defence Supply ChainIn early 2022, a well-regarded UK defence contractor found itself at the centre of a cyber security storm. The company, an SME and key supplier of engineering components for Ministry of Defence (MOD) projects, had built its reputation on precision, reliability, and discretion. But that reputation was shattered almost overnight when a cyber-attack exposed confidential…
-
How ServiceNow ITSM Transforms Defence Services
Read more: How ServiceNow ITSM Transforms Defence ServicesManaging IT services in the defence sector is an unique and often highly complex challenge. Unlike commercial enterprises, where IT disruptions might cause financial setbacks or inconvenience, in defence, an inefficient IT service can compromise national security and expose sensitive data to cyber threats. The ability to maintain seamless, secure and highly responsive IT services…
-
Simplifying Secure Collaboration for MOD Contractors
Read more: Simplifying Secure Collaboration for MOD ContractorsAt a glance, defence projects may appear seamless; multiple organisations working together, each contributing their expertise to deliver advanced capabilities for the Ministry of Defence (MOD). The reality, however, is that collaboration in the defence sector is anything but simple. Consider; a small defence contractor preparing a bid submission for a high-value MOD contract. The…
-
Why Defence Needs Secure ITSM
Read more: Why Defence Needs Secure ITSMManaging IT services in the defence sector comes with a unique set of challenges. Unlike in commercial businesses, where IT failures might result in financial loss or reputational damage, in defence, the stakes are far higher. Worst case scenario: disruption that jeopardises operations and ultimately risks lives. To keep these services and systems running efficiently…
-
Cyber Security Risk Management in the Public Sector
Read more: Cyber Security Risk Management in the Public SectorCyber security within government organisations is fundamental to national resilience. The public sector handles vast amounts of highly sensitive information, ranging from personal data to classified intelligence, making it a prime target for cyber threats. Effectively managing cyber risks thus requires a socio-technical approach considering the people and processes, as well as the technology used.…
-
Why Defence Suppliers Need a Managed Security Service
Read more: Why Defence Suppliers Need a Managed Security ServiceWhen a mid-sized defence supplier landed its first direct contract with the Ministry of Defence (MOD), the leadership team knew security was a priority. They had an IT team in place, firewalls installed, and a cyber awareness programme for employees. On paper, they believed they were covered. Then came the hard truth. As part of…
-
Secure by Design vs. Security Control Sets
Read more: Secure by Design vs. Security Control SetsUsing Simon Sinek’s well-known ‘Start with Why’ philosophy, it is possible to view traditional security control sets and Secure by Design as complementary rather than competing approaches. One helps define what should be done.
-
The Most Important Secure by Design Question Isn’t About Security
Read more: The Most Important Secure by Design Question Isn’t About SecurityA recent letter sent to all defence industry CEOs focused on driving cyber resilience in supply chains, is a stark reminder that in challenging times it is of upmost importance that the systems we rely on remain safe and secure. Within the letter, Ministry of Defence officials—the Second Permanent Secretary, DG Chief Information Officer and…
-
Understanding the MOD’s Cyber Security Model v4
Read more: Understanding the MOD’s Cyber Security Model v4The Ministry of Defence (MOD) recently introduced version 4 of its Cyber Security Model (CSMv4), an update designed to enhance the cyber resilience of its supply chain.
-
Optimisation and Transformation: The Path to Success
Read more: Optimisation and Transformation: The Path to SuccessOptimisation isn’t just about minor tweaks; it’s about driving continuous improvement through small, strategic changes that deliver true business value. By tackling real challenges incrementally, optimisation achieves transformative benefits whilst realising value early and delivering sustainable improvements. True value lies in a balanced approach: driving continuous optimisation to ensure operations keep improving and delivering impactful…
INSIGHTS
Clear, practical insight on the topics shaping secure and regulated work — from company news and everyday cyber guidance to deeper analysis of frameworks, delivery and emerging requirements.