BAE Systems Detica - MSS

UK Government and a group of Britain’s leading defence and security companies today announce that they have joined forces to launch the Defence Cyber Protection Partnership (DCPP), aimed at bolstering the security of the UK against cyber attack through action within the defence industry.

Collective expertise

Recognising that cyber attacks are a serious threat to the security and economic well-being of the UK, the Centre for the Protection of National Infrastructure (CPNI), Government Communications Headquarters (GCHQ), Ministry Of Defence (MOD) and nine companies, BAE Systems, BT, Cassidian, CGI, Hewlett Packard, Lockheed Martin, Rolls-Royce, Selex ES and Thales UK have come together to use their collective expertise in defending against this threat.

By pooling their experience of operating under constant threat of sophisticated cyber attack, the DCPP will identify and implement actions that have a real impact on the cyber defences of the members of the Partnership and the UK defence sector as a whole. The DCPP model is intended to lead the way in industry collaboration and action on cyber security and to act as a useful template which can then be followed by commercial sectors to improve resilience across UK industry.

Three areas of focus

The Partnership will focus on three specific areas during 2013: increasing awareness of cyber risks across the supply chain; defining risk-driven approaches to applying cyber security standards; and sharing threat intelligence.

Working with the trade associations ADS and Intellect, DCPP will raise awareness and improve the understanding of cyber security risks, in particular by taking a pro-active stance to increase security of the wider defence supply chain through highlighting the need for protective measures.

Using existing industry standards as a foundation, the DCPP will define a risk-based and coherent approach to implementing cyber security standards across its members and its supply chain partners. By defining a framework which enables a proportionate application of controls, the DCPP will be able to provide guidance to organisations in the defence supply chain operating at different levels of risk exposure and complement the work on organisational standards being led by the Department for Business Innovation and Skills.

Sharing threat Intelligence

Organisations within the DCPP will also share threat intelligence and wider expertise on tackling cyber threats from the defence sector with other industry sectors and government through the recently announced national Cyber Security Information Sharing Partnership.

Minister for Defence Equipment, Support and Technology Philip Dunne, said:

"I'm absolutely delighted by the level of commitment shown by the participating companies in helping us to build our national resilience against cyber attack, and I look forward to more of our key contractors coming on board.

"This is a clear demonstration that government and industry can work together - sharing information, experience and expertise - to make sure we do everything we can to protect these critical networks, ensuring that the business of Defence is robustly protected."

Vic Leverett, DCPP Chair, commented:

“This is an issue which demands a concerted and coordinated approach between Government and Industry and the DCPP is a critical component of this. Collaboration between industries and with Government has been first class, reflecting the joint commitment to succeed with our 2013 objectives. The whole is proving to be significantly better than the sum of the parts.”