-
·
Navigating MOD Cyber Compliance in 2025
In the UK defence sector, cyber security is no longer treated as a peripheral concern; it is central to procurement policy, and the risks of compromise are too great to be left to interpretation. At the heart of the Ministry of Defence (MOD) expectations sits Defence Standard (Def Stan) 05-138, a detailed standard that defines…
-
·
CSMv4 Compliance: MOD Cyber Requirements Explained
CSMv4 Compliance – What MOD Suppliers Need to Do Before 3 November 2025 After nearly two years of preparation, Cyber Security Model version 4 (CSMv4) is now confirmed for formal implementation across the defence supply chain. The Ministry of Defence announced through Industry Security Notice (ISN) 2025/04 that CSMv4 will take effect from 00:01 GMT…
-
·
Preparing for DCC Evidence Requirements
The Defence Cyber Certification (DCC) scheme, launched in 2025, represents a fundamental shift in how the MOD validates cyber security across its supply chain. Unlike the previous Supplier Assurance Questionnaire (SAQ) approach that relied on self-assessment, DCC introduces independent, third-party verification of controls outlined in DefStan 05-138. For defence suppliers, this transition from “we have…
-
·
Bolstering SME Cyber Resilience
In his latest article, first written for, and published by BCS ITNow Magazine, Logiq Security Practice Lead, Matthew Mackay CISM CISA, outlines why smaller organisations must adopt a principles-based approach to managing cyber risk. Strong cybersecurity practices can not only enable SMEs to protect themselves from cyber threats, but also offer a competitive advantage, particularly…
-
·
CSMv4 – Building Cyber Security into the Defence Supply Chain
Preparing MOD Suppliers for CSMv4 Readiness This article reflects guidance as at 25 July 2025. For the latest updates, visit the MOD Cyber Security Model page on gov.uk. Back in January, we explored what CSMv4 means for the defence supply chain and why it represents a significant evolution from CSMv3. With the publication of Def…
-
·
From Information Security to Cyber Security: Aligning Security with Organisational Objectives
By Matthew Mackay CISA CISM CITP MBCS ChCSP MCIIS, Security Practice Lead at Logiq Article written for and first published by techUK It’s time we stop thinking in terms of ‘information security’ and start thinking in terms of ‘cyber security’; not just as a linguistic shift, but a fundamental shift in the way we view…
-
·
SaaS or Self-Hosted: What’s the right ServiceNow strategy for your organisation?
ServiceNow has become the go-to platform for organisations seeking to streamline workflows, automate service delivery and drive digital transformation. With its extensive capabilities, the platform presents huge value opportunities but also requires a key consideration – the deployment strategy. Does the organisation and associated infrastructure require a conventional, vendor-hosted SaaS solution or a self-hosted instance?…
-
·
Defence Cyber Certification: Aligning Risk Profiles with Real Assurance
In a previous article, we explored the MOD’s Cyber Security Model version 4 (CSMv4), the framework that introduced structured risk profiles to assess the cyber requirements of defence contracts. Now, we turn our attention to what comes next: Defence Cyber Certification (DCC), the formal mechanism that ensures Defence Suppliers meet the resilience standards required across…
-
·
The True Cost of a Cyber Attack on the Defence Supply Chain
In early 2022, a well-regarded UK defence contractor found itself at the centre of a cyber security storm. The company, an SME and key supplier of engineering components for Ministry of Defence (MOD) projects, had built its reputation on precision, reliability, and discretion. But that reputation was shattered almost overnight when a cyber-attack exposed confidential…
-
·
How ServiceNow ITSM Transforms Defence Services
Managing IT services in the defence sector is an unique and often highly complex challenge. Unlike commercial enterprises, where IT disruptions might cause financial setbacks or inconvenience, in defence, an inefficient IT service can compromise national security and expose sensitive data to cyber threats. The ability to maintain seamless, secure and highly responsive IT services…
Logiq completes acquisition of Savient Ltd, further strengthening its capability. Read the press release here.
