Bee-net answers questions on MOD Secure By Design for Think Digital Partners

We can’t do Secure by Design; we don’t have the resources.

This is something we often hear. There is some truth to this statement. But what is the right resource? Surely, you need someone who is very technical, understands technology, networks and can fix complicated security issues – right?

The Sellafield Nuclear Site has been reported by the Guardian as having been hacked by the Russians and Chinese. How did they respond?

The Ministry of Defence (MOD) has the most vulnerable IT security in Whitehall, it can be revealed, with 11 "redrated" systems exposed to "critical" levels of risk.

Watch George Bathurst explain how Secure By Design is the pathway to securing this threat.

Cyber security risks are often severe. Planes can fall out of the sky, you could lose lots of money or your company could face severe reputational damage.

In today's interconnected world, where digital landscapes continuously evolve, the importance of cybersecurity cannot be overstated. It’s not just about firewalls and encryption; it's about fostering a culture of accountability — a cornerstone in safeguarding sensitive information and maintaining trust.

‘There’s no need to start security yet, we’re not ready for that. When we are, we’ll just call the security team. We’ll shift everything to the right a bit.’

Imagine the security team in this project. Asked to tackle complicated technical issues, supplier risks, demanding stakeholders and often some confusion.

To celebrate the New Year, we’re now officially Cyber Essentials Plus certified. A big thank you to our friends at Securious for their help in achieving this.

We’ve all heard about the increasing importance of cyber security but do you really need it?

A big mistake I’ve seen many projects make is spending too much on cyber security. This means less money for the capability they’re developing. The weapon system doesn’t get the range its users wanted. The ship misses having the weapon system altogether. There are fewer ships in total.

Heard about Secure By Design but unsure how to implement it in your project?

Checkout our free online training events.

Choose a time that suits you.

Want to learn about Secure By Design but short of time?

Download our Quick Reference Guide.

Quickly answer questions like whether you need additional security resource or who signs off security approval

Secure by Design is a key component of how cyber security will be improved within the MOD.

The culture and approach to how cyber security is addressed in capability programmes across MOD is changing. Cyber security is often bolted on at the end of a programme lifecycle after an accreditation process and this does not provide MOD with the best chance of delivering secure capabilities into our operational user’s hands.

Secure by Design demands that thorough preparation for risk management is conducted. Here, cyber security consultants are often asked to identify and list stakeholders. But why should we do this if it isn’t useful? How can a list of people contribute to good risk management? Having a list of interested parties is a great start but through secure by design we want to take this to a more practical level.