Over the last three years Niteworks has undertaken a major programme of work to assist the MOD in driving a step change in its approach to cyber operations and capability, most recently through a series of Technology Demonstrator Programmes which is already informing the MOD’s cyber acquisition strategy.
How did Niteworks approach the task?
Niteworks was approached by the MOD and undertook two pieces of work to establish the skills and experience that could be brought to bear from the Niteworks partnership to inform the MOD’s cyber effort. The tasks focussed on defining the cyber skills and competences that would be needed by the MOD, from the specialist operator to the generalist. Niteworks also completed a short project to show how industry quantified the cyber threat and justified expenditure on cyber security activities.
Later on in the year Niteworks was commissioned by the MOD to look at all aspects of MOD-to-industry cyber security and how this could be enhanced to reduce the risk of the Advanced Persistent Threat (APT) to MOD information and operations. This work resulted in a number of practical recommendations which were subsequently taken forward within the MOD. A further project followed that assisted MOD with setting up its organisation for the implementation of changes in MOD-industry cyber security. The project complemented the work of the Defence Cyber Protection Partnership, which has been conducted in full consultation with other Government initiatives led by GCHQ and the Department for Business, Innovation and Skills (BIS).
2013 proved itself as one of the most intensive periods of the Niteworks cyber programme, seeing some highly practical deliverables involving the de-risking of some major technical, security and procedural factors. A major element of this was a series of five Technology Demonstrator Programmes (TDPs) conducted by Niteworks on behalf of the MOD. These set up and evaluated different cyber structures and technologies and their outcomes have informed the MOD acquisition strategy for Cyber Test & Evaluation capability.
In autumn 2013, Niteworks commenced a project looking at Cyber Defence Key Performance Indicators (KPIs) for the future provision of ICT services from industry suppliers to the MOD. The initial Cyber Defence KPI project was completed in December 2013 and a second continuation project was subsequently undertaken.
What was the outcome?
Niteworks has provided the MOD and Dstl with a highly refined definition of the requirements for cyber capability which has been comprehensively evaluated and de-risked. It has supported the MOD in delivering new capability, through practical solutions that could be implemented rapidly. The series of TDPs has ensured top level confidence and understanding within the MOD of what can be achieved through contracting with industry. In turn, the partnership has had first-hand involvement in informing a novel and dynamic strategic requirement and the opportunity to learn from that involvement and reflect that into business practice.