-
·
CSRB and the Reality of OT and ICS
The Cyber Security & Resilience Bill is being talked about as a major update to the UK’s regulatory landscape, but its impact won’t be felt in policy documents or compliance dashboards. It will be felt in the quiet corners of essential services where technology, process and people collide — places where systems were never designed…
-
·
How DISX Supports CSMv4 Readiness
Preparing for the enhanced Cyber Security Model has become a significant focus for suppliers working with the Ministry of Defence. While the policy intent is straightforward — raising the bar for cyber resilience across defence programmes — the practical reality can feel messy, especially for organisations without dedicated security teams. Much of the initial effort…
-
·
Delivering OFFICIAL and OFFICIAL-SENSITIVE work in practice
There is sometimes a tendency to treat the terms OFFICIAL and OFFICIAL-SENSITIVE as purely administrative labels, but for organisations working with the Ministry of Defence they represent a set of expectations about how information should be handled and what the working environment needs to look like. What the classifications mean in day-to-day delivery These classifications…
-
·
Where the Cyber Security & Resilience Bill Leads Us
Article first published 16/12/2025 and updated 27/05/2026 The Cyber Security & Resilience Bill has now moved beyond policy signal and into Parliament, having been introduced on 12 November 2025. The early noise has faded, leaving behind the steadier question of what it actually means for organisations that keep essential services running. The familiar headlines still…
-
·
Considering the Physical Aspects of Cyber Security
By James Jackson, Security Consultant, Logiq Comprehensive physical security controls are as essential as digital cyber security controls. A strong physical security posture is key to avoiding incidents – however stakeholders may overlook these more traditional defences against the ever-changing digital landscape. Physical security is the prevention and mitigation of unauthorised access to facilities and…
-
·
NCSC Annual Review 2025 – What Resilience Looks Like Now
The National Cyber Security Centre’s Annual Review 2025 arrives at a moment when the language of cyber resilience has become inseparable from the language of business itself. Across the public sector and its supply chains, the review paints a picture of a nation more dependent than ever on digital systems — and more exposed than…
-
·
Navigating MOD Cyber Compliance in 2025
In the UK defence sector, cyber security is no longer treated as a peripheral concern; it is central to procurement policy, and the risks of compromise are too great to be left to interpretation. At the heart of the Ministry of Defence (MOD) expectations sits Defence Standard (Def Stan) 05-138, a detailed standard that defines…
-
·
CSMv4 Compliance: MOD Cyber Requirements Explained
Article first published 07/10/2025 and updated 27/05/2026 CSMv4 Compliance – What MOD Suppliers Need to Do CSMv4 is now the current MOD Cyber Security Model for supplier cyber assurance. It is built around Defence Standard 05-138 Issue 4 and DEFCON 658, with the aim of applying a more proportionate, risk-based and evidence-led approach across the…
-
·
Preparing for DCC Evidence Requirements
Article first published 23/09/2025 and updated 27/05/2026 Recent developments: Since publication, the relationship between Defence Cyber Certification and DEFCON 658 has become clearer. MOD Industry Security Notice 2026/02 confirms that suppliers holding and maintaining valid certification at the appropriate DCC level may use that certification as assurance of control requirements under DEFCON 658. This does…
-
·
Bolstering SME Cyber Resilience
In his latest article, first written for, and published by BCS ITNow Magazine, Logiq Security Practice Lead, Matthew Mackay CISM CISA, outlines why smaller organisations must adopt a principles-based approach to managing cyber risk. Strong cybersecurity practices can not only enable SMEs to protect themselves from cyber threats, but also offer a competitive advantage, particularly…
