-
·
What is the NCSC Cyber Advisor Scheme and do you need it?
If you are preparing for Cyber Essentials certification, you may have come across the term “Cyber Advisor”. It is easy to assume it is another form of certification, or perhaps a mandatory step in the process. It is neither. The Cyber Advisor scheme was developed by the National Cyber Security Centre and is delivered in…
-
·
CSRB and the Reality of OT and ICS
The Cyber Security & Resilience Bill is being talked about as a major update to the UK’s regulatory landscape, but its impact won’t be felt in policy documents or compliance dashboards. It will be felt in the quiet corners of essential services where technology, process and people collide — places where systems were never designed…
-
·
How DISX Supports CSMv4 Readiness
Preparing for the enhanced Cyber Security Model has become a significant focus for suppliers working with the Ministry of Defence. While the policy intent is straightforward — raising the bar for cyber resilience across defence programmes — the practical reality can feel messy, especially for organisations without dedicated security teams. Much of the initial effort…
-
·
Where the Cyber Security & Resilience Bill Leads Us
The Cyber Security & Resilience Bill has reached the stage where the early noise has faded, leaving behind the steadier question of what it actually means for organisations that keep essential services running. When it first appeared in the King’s Speech, commentary clustered around familiar points: a refreshed Network and Information Systems (NIS) regime, firmer…
-
·
Considering the Physical Aspects of Cyber Security
Guest blog by James Jackson, Security Consultant, Logiq Comprehensive physical security controls are as essential as digital cyber security controls. A strong physical security posture is key to avoiding incidents – however stakeholders may overlook these more traditional defences against the ever-changing digital landscape. Physical security is the prevention and mitigation of unauthorised access to…
-
·
NCSC Annual Review 2025 – What Resilience Looks Like Now
The National Cyber Security Centre’s Annual Review 2025 arrives at a moment when the language of cyber resilience has become inseparable from the language of business itself. Across the public sector and its supply chains, the review paints a picture of a nation more dependent than ever on digital systems — and more exposed than…
-
·
Navigating MOD Cyber Compliance in 2025
In the UK defence sector, cyber security is no longer treated as a peripheral concern; it is central to procurement policy, and the risks of compromise are too great to be left to interpretation. At the heart of the Ministry of Defence (MOD) expectations sits Defence Standard (Def Stan) 05-138, a detailed standard that defines…
-
·
CSMv4 Compliance: MOD Cyber Requirements Explained
CSMv4 Compliance – What MOD Suppliers Need to Do Before 3 November 2025 After nearly two years of preparation, Cyber Security Model version 4 (CSMv4) is now confirmed for formal implementation across the defence supply chain. The Ministry of Defence announced through Industry Security Notice (ISN) 2025/04 that CSMv4 will take effect from 00:01 GMT…
-
·
Preparing for DCC Evidence Requirements
The Defence Cyber Certification (DCC) scheme, launched in 2025, represents a fundamental shift in how the MOD validates cyber security across its supply chain. Unlike the previous Supplier Assurance Questionnaire (SAQ) approach that relied on self-assessment, DCC introduces independent, third-party verification of controls outlined in DefStan 05-138. For defence suppliers, this transition from “we have…
-
·
CSMv4 – Building Cyber Security into the Defence Supply Chain
Preparing MOD Suppliers for CSMv4 Readiness This article reflects guidance as at 25 July 2025. For the latest updates, visit the MOD Cyber Security Model page on gov.uk. Back in January, we explored what CSMv4 means for the defence supply chain and why it represents a significant evolution from CSMv3. With the publication of Def…
