Defence as a Platform will transform MOD procurement – but who will champion Information Assurance?

Screen Shot 2015-07-30 at 10.41.37 The MOD Chief Digital and Information Officer (CDIO), Mike Stone chose the recent inaugural Defence CIO Symposium to introduce ‘Defence as a Platform’ (DaaP) – a complete transformation of the ICT procurement and provision process – and Ascentor’s Steve Penny was in the audience with 600 attendees from the MOD and industry.

With a background in the military and communications before working in information security, Steve was interested in DaaP and how it plans to deliver information services to Defence. In particular, given Ascentor’s work, how would Information Assurance (IA) fit into the new process?

‘Defence as a Platform’ – main highlights

  • The DaaP concept will provide a shared set of common components and infrastructure across the MOD to support all mission and line of business services and applications. No longer will MOD business units procure their own systems or services.
  • The MOD’s Information Systems and Service (ISS) will act as the design authority for all new or bespoke requests from end users across defence (to ensure coherence) whilst all other requirements can be ordered from a single catalogue of services, which ISS will provide. In essence, ISS will become an ‘ICT as a Service’ organisation. There won’t be any vendor interaction at the ‘point of sale’.
  • Mike Stone said that this organisational and technical transformation had to be enabled by a cultural change within the MOD and ISS – which he recognised would not be achieved overnight, but would be fundamental to achieving the vision.
  • DaaP would also require a change in the nature of the relationship between MOD and industry. The change means that defence users will – by and large – engage only with the MOD’s ISS organisation – this will require vendors to have (or build) strong relationships within ISS.

In an editorial on the launch of DaaP, WiredGov describes it as “fundamental to achieving Commander JFC General Sir Richard Barrons’ vision of an information enabled armed forces capable of meeting the challenges of warfare in the information age.”

Robust IA for the information enabled armed forces

Within the DaaP context, we were pleased to read the WiredGov editorial that “there can be no denying that conducting operations in the future will be more – not less – centered on information, be it command of, access to or denial of information.” So, the challenge of robust and appropriate IA remains high profile.

At DPRTE last year, Ascentor launched ‘IA Inside’. This model sees IA built into programmes from the very early stages and focus maintained as the programme progresses from specification through procurement at MOD, and then through bidding and delivering with the suppliers. Currently, the MOD side needs careful coordination between the different user and procurement stakeholders. Is DaaP an opportunity for ISS to champion IA Inside?

During his address, Mike Stone promised a focus on where the MOD can learn from other industries. “Rather than trying to invent something new, as in the past, can we grab hold of something from elsewhere?” We would like to think so.

Video highlights of the MOD Information Symposium can be viewed here

Defence as a Platform is also discussed by Brigadier Alan Hill in this CIO interview .

For further information:

If you have found this article of interest, the Ascentor blog regularly carries articles about cyber security and information assurance issues. You might also like to keep in touch with Ascentor by receiving our quarterly newsletter and following us on LinkedIn and Twitter.

If you’d like to discuss how ourconsultants could advise on any aspect of cyber security, please contact Dave Jamesat Ascentor.

Email: [email protected]

Office: 01452 881712



You may also be interested in:

Work from home cyber security myths

Cyber security myths home workers fall for

Home workers are a growing gateway to your data and systems. If they believe any of these popular cyber security myths, your security is at serious risk.

Cyber security working from home

Managing good cyber security when working from home - what employers need to know

Home working carries increased security risks, but it doesn’t have to be open season for cyber criminals. These tips will help you put together a robust level of cyber security for your home based employees.

Cyber Essentials is changing - our overview

As the IASME Consortium takes over the management of the certification of Cyber Essentials (CE) Scheme, we look at what the changes will involve and why the scheme is still very much needed.