The MOD: innovating in cyber security

Ross Parsell | DCORoss Parsell, Director of Cyber Security at Thales UK, outlines for MOD DCB the Ministry of Defence’s innovations in the realm of national cyber security.

The Ministry of Defence has a greater need than most organisations for innovating in cyber security. A successful attack on a private business can result in financial harm, loss of IP or reputational damage whereas a successful cyber attack against the UK can put critical national infrastructure, vital communications, defence forces and even the lives of UK citizens at risk.

This can no longer be construed as hyperbole. There are now numerous instances of cyber attacks causing real damage to the well-being of nation states. Consider the 2007 cyber attacks on Estonia in which the websites of prominent Estonian organisations such as ministries, the media and banks were suspended or defaced by extended denial-of-service attacks via ping floods and botnets; the attacks on US government or private business websites, attributed by the US government to foreign powers under the ‘Titian Rain’ label; or the attacks during the South Ossetia war of 2008 that disabled a number of Georgian, Russian, Ossetian and Azeri websites.

Fortunately, the MOD is investing in cyber security innovation to make the UK more resilient to the sorts of attacks outlined above through both defensive and offensive measures. The MOD must also be lauded for its collaboration with industry to combat the growing cyber threat.

Combating the cyber skills shortage

To be at the forefront of cyber security, the MOD needs to recruit and maintain an elite cyber workforce. However, the need for cyber security experts in the UK far exceeds the pool of qualified personnel. While the public sector in general cannot compete with the top private sector firms on salaries, organisations such as the MOD and GCHQ are correctly positioning their cyber security employment opportunities as giving potential applicants more interesting work to do than the private sector. Cyber employees at the MOD really are at the forefront of cyber warfare: protecting the UK from malicious attacks from criminal gangs and other nations.

The MOD has also committed to investing heavily in its recruitment process. Under the UK National Cyber Strategy, central government has earmarked £650 million for hiring ‘cyber warriors’, of which the MOD received £90 million. The MOD will supplement this sum with a further £30 million from its own coffers.

Investing in cyber security technology

The MOD has invested in cutting-edge information security technology to ensure that its employees operate in one of the most secure working environments in the world. For example, assurance encryption hardware protects the MOD’s VoIP, email services, networks and storage to the level of IL5, which the nature of the MOD’s work demands. The MOD makes use of surveillance devices that can detect and alert IT departments as to when cyber attacks have occurred. It may seem like the world of James Bond, but some parts of the MOD even employ monitoring systems which can ascertain the stress levels of employees.

Collaborating with industry for cyber excellence

The MOD works with a number of suppliers, such as Thales, to ensure both it and the UK are cyber secure. National security cannot remain in the hands of the public sector alone but requires collaboration with industry. The MOD relies upon these third-party suppliers for everything from encryption hardware and identity management infrastructures to code signing solutions and time stamping.

However, effective cyber security relies upon more than just products. For instance, while at Thales we supply hardware and software to the MOD, we also supply expertise and training. With the UK under threat from an increasingly complex array of attacks from cyber space, suppliers that can offer the MOD value-add consultancy as well as the provision of equipment will be successful. Through collaboration with industry, the MOD’s workforce can develop their cyber skills and constantly improve their cyber maturity.

BAE: building for growth

Ian Catterick | BAE Systems | MOD DCOThe Northern Defence Industries (NDI) ‘Building for Growth’ conference took place in Glasgow at the end of November and provided a direct focus on how industry can actively work to build new relationships with potential customers, and in doing so help achieve business growth for the future. One of the keynote speakers, Ian Catterick, Head of Supply Chain – Major Systems & Equipment at BAE Systems, provided an overview of the maritime element of this important prime, the key programmes recently completed and the many opportunities on the horizon for the most innovative SMEs. Here, MOD DCB provides highlights from Mr Catterick speech. 

With over 27 years’ experience in the procurement industry, Ian Catterick has worked with BAE Systems since 2011, where he is responsible for supply chain activities across major systems and equipment. Mr Catterick used his keynote speech at the recent NDI ‘Building for Growth’ conference in Glasgow to outline some of the changes which have taken place within BAE as a whole, and how the creation of Maritime – Naval Ships will help continue to deliver important MOD programmes.

Mr Catterick said: “Naval Ships is a new construct in itself, and was released this year from our Service Ships organisation. This change was implemented as we reformed to target our focus on platforms and combat systems. We take care of the fleet right from the design conceptual phase through build to delivery and, in the case of the new frigate, through-life support. If you look at the lifespan of some of the vessels that are in service today, we’re talking 25 going on 35 years of service. Keeping those vessels afloat is a great opportunity and probably as valuable as the initial build and acquision phase itself.

“Our portfolio is interesting in so far as we have been fortunate enough to have quite a good, stable log book of products coming out. We have just finished and sent to sea trial the sixth and final Type 45 Destroyer and that has been a very successful programme for us, laying the foundation for the very ambitious and large programme which is the Queen Elizabeth Class carriers. The latter are being built around the UK in Portsmouth, Liverpool and on the Clyde, before final assembly in Rosyth. It’s a very ambitious programme in its own right and it has had many trials and tribulations on its way in terms of its design and configuration.”

Type 45

Mr Catterick then highlighted how BAE has learned from experience, speaking in greater depth about the Type 45 programme and the levels of capability achieved.

“The business is taking more of the learning from the Type 45 and Queen Elizabeth Class programme and investing it in what we hope will be a very successful programme – the Type 26 Global Combat Ship Frigate. The Type 45 is a capable anti air warfare destroyer, one of the leaders in its class in the world today. Five have been successfully completed; the sixth is on sea trial and is expected to go into service next year.

“If we look at the QEC family, we have two carriers being built. The last and most significant part of the first ship – the lower block floor – recently set sail on the Clyde on the back of a barge around the UK to Rosyth dockyard and should complete the infrastructure. These are very ambitious programmes and we hope to take their success on into the Type 26 GCS programme.”


While the Type 26 product has been specifically tailored for the UK defence marketplace, Mr Catterick believes that it could also be suitable worldwide.

“This is not just a product that we believe will be suitable for the national marketplace – we believe it’s also something that will be of extreme interest in the export world,” he said.  

“We hope and plan that the Type 26 will enter service in early 2020 – a lot of the design work is on the drawing board now and our attendance here today is a great opportunity for the supply base to come to terms with the programme’s requirements and how they may be able to marry up with those requirements and be successful in the delivery. Its basic displacement of 5400 tonnes will be the backbone of the Royal Navy fleet going forward. We’re hoping, if successful, that we can put 13 of these platforms to sea.”

Ever evolving

“With a programme of this nature, the requirements always evolve as we see what the art of the possible is in terms of the capabilities we can produce and what the customer, in this case the Royal Navy, ultimately wants; and we can balance that off against what is affordable and what is achievable. The message for industry is that change happens a lot on these programmes – one of the key things that the supply chain needs to understand is that we as a prime have to manage change as effectively as possible. So that for me is the main message – accept change as a norm.

“About the product itself: we are designing this one in conjunction and in partnership with the MOD. Within our facility in Bristol we are working hand in glove to make sure that we don’t lob one thing over the fence to the other party; we are in the room together, trying to ensure we have an effective product coming on the drawing board. Being able to build support into the initial design itself is unique – and hopefully for the Treasury, for us and for the public purse this will give us a product which is really cost-effective for the taxpayer.

“And that brings us on to the through-life concept of affordability – value for money and value for the public purse. Whatever we do as a prime, we have to test and examine the questions ‘Are we delivering value for money?’ and ‘Is the proposition affordable?’. That doesn’t mean ‘What’s in it for me?’ – it’s a ‘What’s in it for we?’ scenario, and something that we are trying to make sure that this programme brings forward with a lot of publicity.

“Supply chain participation will get us that affordability because we see it coming through with innovation. Participation doesn’t mean a bunch of boffins stuck in a room; it can be as simple as taking waste out of the supply chain in any way, shape or form.”

For further information, visit: