Secure by Design
Cyber security at the heart of business decision-making
Aligning government with industry best practice to make government suppliers, partners and contractors accountable for delivering cyber-secure systems.
Continual risk management will start with project conception, rather than later in a project, to avoid unwelcome expense and resource.
To make knowledge sharing easier and contracts simpler both to write and deliver against, improving outcomes for taxpayers and suppliers alike.
What is the objective of Secure By Design?
Secure By Design is replacing the compliance-based, point-in-time approval process with continual, risk management.
Secure By Design was officially mandated by the Ministry of Defence (MOD) from 28 July 2023, and will be rolled out across government – across Defence and public sector – over the coming years.
The new approach will put cyber security at the heart of business decision-making, creating a more secure and safer cyber environment for all.
What’s the impact on government suppliers and contractors?
‘Risk management’ will no longer be a purely technical exercise conducted by specialists in a prescriptive process. Instead, it will be a continual process, based on open standards such as NIST 800-37 and focused on business and enterprise risk management.
Required skills and training
Secure by Design will require new skills from many of your staff, including project managers, commercial teams and even from your cyber security specialists. They will all have to adopt new approaches and techniques, as well as learning to interact across unfamiliar disciplines.
Live with UK MOD
Secure by Design is live within the UK MOD now. Changes to its people, processes and technology are well underway.
New approach to recruitment and training
Secure by Design changes everything. This whole new approach means you need to be aware of who you recruit, how you train your people, how you bid for work and how your people approach risk management. This is a cultural and mentality shift from the older ways of working. How are you responding?
Contact us
Please get in touch to find out more about our services.