Secure by Design (SbD) Overview
For many years the methodology used by the MOD to manage the risk to systems, applications and information was the accreditation process. This was often an annual process and included the production of an RMADS for meeting established standards for security and risk management.
Since July 2023, all capabilities, technology infrastructure and digital services in Defence need to follow the Secure by Design approach. The change has been necessary to significantly improve the overall level of assurance and risk management applied to MOD systems and is crucial for achieving secure and resilient Defence Outcomes. The new process is called Secure by Design (SbD) and the 7 principles it advocates are mandatory for new MOD systems and those coming up for renewal under the old system.
How Can We Help
We specialise in providing Secure by Design (SbD) services to the MOD for the continual assurance of MOD programmes, projects and capabilities following MOD policy and guidance, NCSC standards/guidance, Data Protection Act and GDPR using NIST CSF, NIST SP-800-53, JSP440 and JSP604.
We have been providing continual risk management to the MOD and its supply chain for over 20 years across all Defence sectors. Consider us your expert SbD partners, whether you need support on a new or existing project, we can help.
With our vast expertise in assuring MOD systems, we can support you with;
- Risk Assessment, Risk Treatment, Security Management Plan (SMP), Security Case
- Transition from legacy MOD accreditation to MOD SbD
- Continual assurance using SbD, providing through-life management
- Supporting completion of MOD SbD risk management self-assessment question sets following the 7 Security Principles
- Liaison with Delivery Team Security Leads (DTSLs)/Security Assurance Coordinators (SACs)
- Cyber Security Policy & Standards Advice, Guidance, Development.
- Audits and Reviews using JSP440, NIST, ISO27001/2
- Provision of segregated, transparent Assurance/Accreditor oversight
- Assessment of supply chain risks
- Bid writing to meet MoD SbD requirements
- Outsourced SRO – Senior Responsible Owner
- Services delivered by vetted Suitably Qualified and Experienced Persons (SQEP) up to DV cleared
Talk to us about MoD Secure By Design
Downloads
Find Us
Video Content
MOD SECURE BY DESIGN (SBD) | CONTINUOUS RISK ASSURANCE FOR SYSTEMS AND APPLICATIONS | CASE STUDY
Published on November 15, 2024
Discover more about MOD Secure by Design (SbD) with our client case study.
From our Blog
PODCAST | The Multifaceted Risks and Implications of Obsolescence | Part 1
Obsolescence is more than just outdated tech—it’s a critical risk affecting industries worldwide. From aerospace and defence to rail and government, this podcast dives into the challenges of aging systems, counterfeit threats, and global supply chain disruptions. Join industry experts as we explore how professionals at every level—engineers, managers, and security specialists—can tackle obsolescence, mitigate […]