Defence as a Platform will transform MOD procurement – but who will champion Information Assurance?

Screen Shot 2015-07-30 at 10.41.37 The MOD Chief Digital and Information Officer (CDIO), Mike Stone chose the recent inaugural Defence CIO Symposium to introduce ‘Defence as a Platform’ (DaaP) – a complete transformation of the ICT procurement and provision process – and Ascentor’s Steve Penny was in the audience with 600 attendees from the MOD and industry.

With a background in the military and communications before working in information security, Steve was interested in DaaP and how it plans to deliver information services to Defence. In particular, given Ascentor’s work, how would Information Assurance (IA) fit into the new process?

‘Defence as a Platform’ – main highlights

  • The DaaP concept will provide a shared set of common components and infrastructure across the MOD to support all mission and line of business services and applications. No longer will MOD business units procure their own systems or services.
  • The MOD’s Information Systems and Service (ISS) will act as the design authority for all new or bespoke requests from end users across defence (to ensure coherence) whilst all other requirements can be ordered from a single catalogue of services, which ISS will provide. In essence, ISS will become an ‘ICT as a Service’ organisation. There won’t be any vendor interaction at the ‘point of sale’.
  • Mike Stone said that this organisational and technical transformation had to be enabled by a cultural change within the MOD and ISS – which he recognised would not be achieved overnight, but would be fundamental to achieving the vision.
  • DaaP would also require a change in the nature of the relationship between MOD and industry. The change means that defence users will – by and large – engage only with the MOD’s ISS organisation – this will require vendors to have (or build) strong relationships within ISS.

In an editorial on the launch of DaaP, WiredGov describes it as “fundamental to achieving Commander JFC General Sir Richard Barrons’ vision of an information enabled armed forces capable of meeting the challenges of warfare in the information age.”

Robust IA for the information enabled armed forces

Within the DaaP context, we were pleased to read the WiredGov editorial that “there can be no denying that conducting operations in the future will be more – not less – centered on information, be it command of, access to or denial of information.” So, the challenge of robust and appropriate IA remains high profile.

At DPRTE last year, Ascentor launched ‘IA Inside’. This model sees IA built into programmes from the very early stages and focus maintained as the programme progresses from specification through procurement at MOD, and then through bidding and delivering with the suppliers. Currently, the MOD side needs careful coordination between the different user and procurement stakeholders. Is DaaP an opportunity for ISS to champion IA Inside?

During his address, Mike Stone promised a focus on where the MOD can learn from other industries. “Rather than trying to invent something new, as in the past, can we grab hold of something from elsewhere?” We would like to think so.

Video highlights of the MOD Information Symposium can be viewed here

Defence as a Platform is also discussed by Brigadier Alan Hill in this CIO interview .

For further information:

If you have found this article of interest, the Ascentor blog regularly carries articles about cyber security and information assurance issues. You might also like to keep in touch with Ascentor by receiving our quarterly newsletter and following us on LinkedIn and Twitter.

If you’d like to discuss how ourconsultants could advise on any aspect of cyber security, please contact Dave Jamesat Ascentor.

Email: [email protected]

Office: 01452 881712



You may also be interested in:

Building business resilience

Building business resilience - through Information Security, Business Continuity and Disaster Recovery

How strong is your business resilience to threats to IT, information and physical security? And how can security standards like ISO 27001 and ISO 22301 help?

Ascentor's cyber security review 2020

Ascentor’s cyber security review of 2020

It was the year a different kind of virus dominated. But that didn’t stop cyber criminals exploiting it. We look back at 2020.

Cyber security myths of SMEs

Cyber security myths putting SMEs at risk

SMEs have long been a favourite hunting ground for cyber criminals and, in the worst case scenario, may not survive. We look at some of the myths that put SMEs at risk of cyber crime.