Articles
Clear, practical insight on the topics shaping secure and regulated environments – from day-to-day delivery challenges to the frameworks and requirements that underpin them.
-
CYBERUK 2026 – what’s worth paying attention to
|
Read more: CYBERUK 2026 – what’s worth paying attention toEach year, CYBERUK sets the tone for how cyber security is expected to operate in practice – not just in policy terms, but in what organisations are actually held accountable for. This year’s theme, “The next decade: accelerating our cyber defence”, signals something that’s been building for a while. The conversation has moved on. The…
-
Security is a Product Decision: Why Secure by Design Starts with the Product Owner
|
Read more: Security is a Product Decision: Why Secure by Design Starts with the Product OwnerBy Beth Hurford, Senior Optimisation and Transformation Consultant, Logiq Picture this. You’re in a requirements workshop. There’s a business analyst (BA), a developer, maybe a systems engineer, and you, the product owner (PO). Security isn’t there. Someone decided it was “too early”, that involving them now would mean “too many cooks” and that security can…
-
Cybersecurity: A discipline in search of a definition
|
Read more: Cybersecurity: A discipline in search of a definitionBy Matthew Mackay, Practice Lead and Principal Security Consultant, Logiq In an era where digital threats evolve faster than most organisations can adapt, you would be mistaken for believing that there would be a universally agreed definition for the term ‘cybersecurity’. Despite its increased profile and agreed importance, cybersecurity remains a concept without a single,…
-
What is the NCSC Cyber Advisor Scheme and do you need it?
|
Read more: What is the NCSC Cyber Advisor Scheme and do you need it?If you are preparing for Cyber Essentials certification, you may have come across the term “Cyber Advisor”. It is easy to assume it is another form of certification, or perhaps a mandatory step in the process. It is neither. The Cyber Advisor scheme was developed by the National Cyber Security Centre and is delivered in…
-
CSRB and the Reality of OT and ICS
|
Read more: CSRB and the Reality of OT and ICSThe Cyber Security & Resilience Bill is being talked about as a major update to the UK’s regulatory landscape, but its impact won’t be felt in policy documents or compliance dashboards. It will be felt in the quiet corners of essential services where technology, process and people collide — places where systems were never designed…
-
How DISX Supports CSMv4 Readiness
|
Read more: How DISX Supports CSMv4 ReadinessPreparing for the enhanced Cyber Security Model has become a significant focus for suppliers working with the Ministry of Defence. While the policy intent is straightforward — raising the bar for cyber resilience across defence programmes — the practical reality can feel messy, especially for organisations without dedicated security teams. Much of the initial effort…
-
Delivering OFFICIAL and OFFICIAL-SENSITIVE work in practice
|
Read more: Delivering OFFICIAL and OFFICIAL-SENSITIVE work in practiceThere is sometimes a tendency to treat the terms OFFICIAL and OFFICIAL-SENSITIVE as purely administrative labels, but for organisations working with the Ministry of Defence they represent a set of expectations about how information should be handled and what the working environment needs to look like. What the classifications mean in day-to-day delivery These classifications…
-
Where the Cyber Security & Resilience Bill Leads Us
|
Read more: Where the Cyber Security & Resilience Bill Leads UsThe Cyber Security & Resilience Bill has reached the stage where the early noise has faded, leaving behind the steadier question of what it actually means for organisations that keep essential services running. When it first appeared in the King’s Speech, commentary clustered around familiar points: a refreshed Network and Information Systems (NIS) regime, firmer…
-
Considering the Physical Aspects of Cyber Security
|
Read more: Considering the Physical Aspects of Cyber SecurityBy James Jackson, Security Consultant, Logiq Comprehensive physical security controls are as essential as digital cyber security controls. A strong physical security posture is key to avoiding incidents – however stakeholders may overlook these more traditional defences against the ever-changing digital landscape. Physical security is the prevention and mitigation of unauthorised access to facilities and…
-
NCSC Annual Review 2025 – What Resilience Looks Like Now
|
Read more: NCSC Annual Review 2025 – What Resilience Looks Like NowThe National Cyber Security Centre’s Annual Review 2025 arrives at a moment when the language of cyber resilience has become inseparable from the language of business itself. Across the public sector and its supply chains, the review paints a picture of a nation more dependent than ever on digital systems — and more exposed than…
-
Navigating MOD Cyber Compliance in 2025
|
Read more: Navigating MOD Cyber Compliance in 2025In the UK defence sector, cyber security is no longer treated as a peripheral concern; it is central to procurement policy, and the risks of compromise are too great to be left to interpretation. At the heart of the Ministry of Defence (MOD) expectations sits Defence Standard (Def Stan) 05-138, a detailed standard that defines…
-
CSMv4 Compliance: MOD Cyber Requirements Explained
|
Read more: CSMv4 Compliance: MOD Cyber Requirements ExplainedCSMv4 Compliance – What MOD Suppliers Need to Do Before 3 November 2025 After nearly two years of preparation, Cyber Security Model version 4 (CSMv4) is now confirmed for formal implementation across the defence supply chain. The Ministry of Defence announced through Industry Security Notice (ISN) 2025/04 that CSMv4 will take effect from 00:01 GMT…