Articles
Clear, practical insight on the topics shaping secure and regulated environments – from day-to-day delivery challenges to the frameworks and requirements that underpin them.
-
Preparing for DCC Evidence Requirements
|
Read more: Preparing for DCC Evidence RequirementsThe Defence Cyber Certification (DCC) scheme, launched in 2025, represents a fundamental shift in how the MOD validates cyber security across its supply chain. Unlike the previous Supplier Assurance Questionnaire (SAQ) approach that relied on self-assessment, DCC introduces independent, third-party verification of controls outlined in DefStan 05-138. For defence suppliers, this transition from “we have…
-
Bolstering SME Cyber Resilience
|
Read more: Bolstering SME Cyber ResilienceIn his latest article, first written for, and published by BCS ITNow Magazine, Logiq Security Practice Lead, Matthew Mackay CISM CISA, outlines why smaller organisations must adopt a principles-based approach to managing cyber risk. Strong cybersecurity practices can not only enable SMEs to protect themselves from cyber threats, but also offer a competitive advantage, particularly…
-
CSMv4 – Building Cyber Security into the Defence Supply Chain
|
Read more: CSMv4 – Building Cyber Security into the Defence Supply ChainPreparing MOD Suppliers for CSMv4 Readiness This article reflects guidance as at 25 July 2025. For the latest updates, visit the MOD Cyber Security Model page on gov.uk. Back in January, we explored what CSMv4 means for the defence supply chain and why it represents a significant evolution from CSMv3. With the publication of Def…
-
From Information Security to Cyber Security: Aligning Security with Organisational Objectives
|
Read more: From Information Security to Cyber Security: Aligning Security with Organisational ObjectivesBy Matthew Mackay CISA CISM CITP MBCS ChCSP MCIIS, Security Practice Lead at Logiq Article written for and first published by techUK It’s time we stop thinking in terms of ‘information security’ and start thinking in terms of ‘cyber security’; not just as a linguistic shift, but a fundamental shift in the way we view…
-
SaaS or Self-Hosted: What’s the right ServiceNow strategy for your organisation?
|
Read more: SaaS or Self-Hosted: What’s the right ServiceNow strategy for your organisation?ServiceNow has become the go-to platform for organisations seeking to streamline workflows, automate service delivery and drive digital transformation. With its extensive capabilities, the platform presents huge value opportunities but also requires a key consideration – the deployment strategy. Does the organisation and associated infrastructure require a conventional, vendor-hosted SaaS solution or a self-hosted instance?…
-
Defence Cyber Certification: Aligning Risk Profiles with Real Assurance
|
Read more: Defence Cyber Certification: Aligning Risk Profiles with Real AssuranceIn a previous article, we explored the MOD’s Cyber Security Model version 4 (CSMv4), the framework that introduced structured risk profiles to assess the cyber requirements of defence contracts. Now, we turn our attention to what comes next: Defence Cyber Certification (DCC), the formal mechanism that ensures Defence Suppliers meet the resilience standards required across…
-
The True Cost of a Cyber Attack on the Defence Supply Chain
|
Read more: The True Cost of a Cyber Attack on the Defence Supply ChainIn early 2022, a well-regarded UK defence contractor found itself at the centre of a cyber security storm. The company, an SME and key supplier of engineering components for Ministry of Defence (MOD) projects, had built its reputation on precision, reliability, and discretion. But that reputation was shattered almost overnight when a cyber-attack exposed confidential…
-
How ServiceNow ITSM Transforms Defence Services
|
Read more: How ServiceNow ITSM Transforms Defence ServicesManaging IT services in the defence sector is an unique and often highly complex challenge. Unlike commercial enterprises, where IT disruptions might cause financial setbacks or inconvenience, in defence, an inefficient IT service can compromise national security and expose sensitive data to cyber threats. The ability to maintain seamless, secure and highly responsive IT services…
-
Simplifying Secure Collaboration for MOD Contractors
|
Read more: Simplifying Secure Collaboration for MOD ContractorsAt a glance, defence projects may appear seamless; multiple organisations working together, each contributing their expertise to deliver advanced capabilities for the Ministry of Defence (MOD). The reality, however, is that collaboration in the defence sector is anything but simple. Consider; a small defence contractor preparing a bid submission for a high-value MOD contract. The…
-
Why Defence Needs Secure ITSM
|
Read more: Why Defence Needs Secure ITSMManaging IT services in the defence sector comes with a unique set of challenges. Unlike in commercial businesses, where IT failures might result in financial loss or reputational damage, in defence, the stakes are far higher. Worst case scenario: disruption that jeopardises operations and ultimately risks lives. To keep these services and systems running efficiently…
-
Cyber Security Risk Management in the Public Sector
|
Read more: Cyber Security Risk Management in the Public SectorCyber security within government organisations is fundamental to national resilience. The public sector handles vast amounts of highly sensitive information, ranging from personal data to classified intelligence, making it a prime target for cyber threats. Effectively managing cyber risks thus requires a socio-technical approach considering the people and processes, as well as the technology used.…
-
Why Defence Suppliers Need a Managed Security Service
|
Read more: Why Defence Suppliers Need a Managed Security ServiceWhen a mid-sized defence supplier landed its first direct contract with the Ministry of Defence (MOD), the leadership team knew security was a priority. They had an IT team in place, firewalls installed, and a cyber awareness programme for employees. On paper, they believed they were covered. Then came the hard truth. As part of…