-
·
Strengthening COMAH Cyber Security: A Leadership‑Focused View
By Jonny Keiller, Principal OT Security Consultant, Logiq As an ISA/IEC 62443 specialist (the global series of standards for securing industrial automation and control systems) with experience across Control of Major Accident Hazards (COMAH) sites in multiple sectors, I’ve seen a clear shift in what “good” looks like for cyber security in industrial environments. The…
-
·
When version control slips on MOD construction projects
Drawings standing still on construction projects is a very rare thing indeed. They move through constant cycles of issue, review, mark-up, and revision. On MOD programmes, that process involves multiple contractors and subcontractors, often working across different systems and environments, each with their own document practices and pace of delivery. Version control is straightforward in…
-
·
Collaboration challenges on MOD construction projects
On MOD construction projects, collaboration is constant. Drawings, RFIs, revisions, and mark-ups move between principal contractors, subcontractors, and specialist trades throughout the lifecycle of a programme. Decisions made in one part of the supply chain affect others. Coordination isn’t a phase of the project – it’s continuous. In theory, the process is structured. In practice,…
-
·
CYBERUK 2026 – what’s worth paying attention to
Each year, CYBERUK sets the tone for how cyber security is expected to operate in practice – not just in policy terms, but in what organisations are actually held accountable for. This year’s theme, “The next decade: accelerating our cyber defence”, signals something that’s been building for a while. The conversation has moved on. The…
-
·
Security is a Product Decision: Why Secure by Design Starts with the Product Owner
By Beth Hurford, Senior Optimisation and Transformation Consultant, Logiq Picture this. You’re in a requirements workshop. There’s a business analyst (BA), a developer, maybe a systems engineer, and you, the product owner (PO). Security isn’t there. Someone decided it was “too early”, that involving them now would mean “too many cooks” and that security can…
-
·
Cybersecurity: A discipline in search of a definition
By Matthew Mackay, Practice Lead and Principal Security Consultant, Logiq In an era where digital threats evolve faster than most organisations can adapt, you would be mistaken for believing that there would be a universally agreed definition for the term ‘cybersecurity’. Despite its increased profile and agreed importance, cybersecurity remains a concept without a single,…
-
·
What is the NCSC Cyber Advisor Scheme and do you need it?
If you are preparing for Cyber Essentials certification, you may have come across the term “Cyber Advisor”. It is easy to assume it is another form of certification, or perhaps a mandatory step in the process. It is neither. The Cyber Advisor scheme was developed by the National Cyber Security Centre and is delivered in…
-
·
CSRB and the Reality of OT and ICS
The Cyber Security & Resilience Bill is being talked about as a major update to the UK’s regulatory landscape, but its impact won’t be felt in policy documents or compliance dashboards. It will be felt in the quiet corners of essential services where technology, process and people collide — places where systems were never designed…
-
·
How DISX Supports CSMv4 Readiness
Preparing for the enhanced Cyber Security Model has become a significant focus for suppliers working with the Ministry of Defence. While the policy intent is straightforward — raising the bar for cyber resilience across defence programmes — the practical reality can feel messy, especially for organisations without dedicated security teams. Much of the initial effort…
-
·
Delivering OFFICIAL and OFFICIAL-SENSITIVE work in practice
There is sometimes a tendency to treat the terms OFFICIAL and OFFICIAL-SENSITIVE as purely administrative labels, but for organisations working with the Ministry of Defence they represent a set of expectations about how information should be handled and what the working environment needs to look like. What the classifications mean in day-to-day delivery These classifications…
