Defence Cyber Protection Partnership: overview and cyber risk profile requirements, evidence and guidance
Overview of the DCPP initiative and information about the proportionate security controls to be implemented and evidence to be submitted as part of all MOD contracts.
2016 guidance update
As of 1 January 2016, all suppliers bidding for new MOD requirements which include the transfer of ‘MOD identifiable information’ should achieve a Cyber Essentials Scheme (CES) certificate by the contract start date. However, the DCPP Cyber Security Model (CSM), which will require some suppliers to ensure additional cyber security controls are in place ahead of contract award, is currently due to be implemented in Q2 2016. Further information is below.
The Defence Cyber Protection Partnership (DCPP) is a joint MOD/industry initiative initiated in 2012 and established in 2013. The DCPP is tasked with improving the protection of the defence sector from the cyber threat. The first attachment is an overview of the DCPP. The second attachment covers frequently asked questions (FAQs). Attachments 3 to 6 set out the cyber risk profile requirements and provides guidance on the evidence to be submitted by suppliers to demonstrate that they have met these requirements.
Published: 24 March 2015
Updated: 22 June 2016
- Added link to: Defence Cyber Protection Partnership: your questions answered
- Added link to Defence Cyber Protection Partnership: resource guide.
- Added updated 'Implementation of Cyber Essential Scheme: your questions answered' document
- Added document for Implementation of Cyber Essential Scheme: Your questions answered
- Added updated Cyber Risk Profiles: Requirements, Evidence and Guidance document and overview text.
- First published.