How to Win New Defence and Civil Business

win MOD contracts with DCO


Are you currently bidding for work with the Ministry of Defence and would like to improve your approach? DCO and DCI hold regular WebClinics that give defence suppliers an opportunity to interact with defence procurement experts and learn how to prosper in this lucrative marketplace.

The next event is Defence Contracts International’s WebClinic “How to Find and Win New Defence and Civil Business”, which will take place on 16 October.


Defence and security marketplace

UK defence and security organisations work with a range of suppliers. The MOD alone spends up to £20 billion on the procurement of goods and services with industry each year.

The Defence Equipment Plan has already set out what will be spent over the next decade, and security is one aspect of that.

During the How to Win New Defence and Civil Business webinar, a defence procurement expert will provide an overview of the wider defence and security marketplace. Attendees will also be given the opportunity to ask any questions they have about the marketplace at the end of the session.


Improving your approach

There are many ways you can improve your approach to finding MOD and other public sector contracts – this will also be covered during the session.

Whether you are new to procurement and need to sign up for free DCO contract alerts or want to engage earlier with defence buyers and are unsure how to – our defence expert will discuss a number of options that will improve your approach.


Free Registration

Would you like to find opportunities within the defence, security, and counter-terrorism related projects?

Discover “How to Win New Defence and Civil Business” during the next DCI webinar. This session will take place on 16 October at 11 am and is free to attend.


The Analytical and Risk Approach to Fraud Conference

The Ministry of Defence Fraud Defence Service invite you to attend The Analytical and Risk Approach to Fraud Conference in London on Tuesday 24th May 2016.

Event overview:

At this conference, fraud experts will discuss analytical and risk based approaches to countering fraud within Government.

The conference will be of interest to people involved in managing and mitigating fraud within their organisation and individuals responsible for providing assurance over fraud management.

Senior defence and federal law enforcement agencies from the US, Australia, New Zealand and Canada will also be present.

Event details:

Date: Tuesday 24th May 2016

Timings: 09:30 to 15:30

Speakers: Philip Dunne MP – Minister of State for Defence Procurement

Professor Michael Levi – Professor of Criminology, Cardiff University

Graham Ure – PricewaterhouseCoopers Partner

Robert Wilson – PricewaterhouseCoopers Senior Manager

Mark Cheeseman – Head of Fraud, Error and Debt, Cabinet Office

Steven Newman – Head of Fraud Defence, Ministry of Defence

Alasdair MacFarlane – Head of Corporate Security Services UK & Ireland, RBS Group

Location: Ministry of Defence, Main Building, Whitehall, London, SW1A 2HB

This is a free conference and refreshments will be provided.

Places are limited and will be allocated on a first come, first serve basis. To register your place please email

The agenda will be supplied at a later date. If you require any more information about the event, please do not hesitate to contact the Fraud Defence team at

British Armed Forces Re-launches Food Requirement

Are you interested in supplying food to the British Armed Forces in the UK? Do you supply frozen, ambient or chilled foods? Are you a small or medium sized enterprise? Do you operate at either a regional or national level?

The Ministry of Defence is re-launching its food supply solution to meet the needs of the British Armed Forces in the UK and is interested in seeking your views as to how the requirement might be best met.

Please join us at one of our regional engagement sessions at the following dates and locations:

  • Cardiff – Monday 4th April 2016
  • Donnington – Monday 4th April 2016
  • Exeter – Tuesday 5th April 2016
  • Chorley – Tuesday 5th April 2016
  • Reading – Wednesday 6th April 2016
  • Glasgow – Wednesday 6th April 2016
  • Cambridge – Thursday 7th April 2016
  • Lisburn – Thursday 7th April 2016


These sessions will provide you with the opportunity to tell us what you think and for the MOD to give you some more background and details.

To register your interest and book and appointment at your preferred location, please email Alex Potter on by Wednesday 30th March.

The MOD is currently developing its procurement strategy for this requirement and has initially sought views from industry via a Prior Information Notice (PIN) published in the Defence Contracts Bulletin (18th December 2015).

National strategy for maritime security launched

Bow section of HMS Queen ElizabethThe UK’s national strategy for maritime security has been launched by Stephen Hammond MP, Parliamentary Under Secretary of State for Transport. The strategy outlines, for the first time, the UK’s approach to delivering maritime security at home and internationally, setting out how the UK organises and uses its extensive national capabilities to identify, assess and address maritime security challenges.

Maritime security is a cross-government activity which brings together 16 government departments and agencies. At the forefront of these are the Foreign and Commonwealth Office, the Ministry of Defence, the Home Office and the Department for Transport.

The strategy outlines five priorities: promotion of a secure international maritime area where international maritime laws are upheld; helping other nations develop their own maritime security; protecting the UK and the Overseas Territories; assuring the security of vital maritime trade and energy transportation routes; and protecting the UK and the Overseas Territories from illegal and dangerous activity.

The strategy also introduces a robust government approach to maritime security decision-making and confirms the UK’s commitment to preserving the flow of maritime trade and upholding international maritime law.

Testing: one, two, three

Foxhound Light Protected Patrol Vehicle (LPPV).Qualification testing is an integral part of the development and purchase of new defence equipment. MOD DCB reporter Paul Elliott spoke to Brendan Wall, Sales Director of testing and certification company TRaC Global, about the importance of testing and the role it plays in the procurement process.

Testing is required to confirm that a particular piece of equipment meets the necessary national and international standards and legislation and helps manufacturers and suppliers to maintain credibility with their customers. Safety of equipment is of paramount importance, particularly in defence, and that’s where testing comes into play. Failing the testing process can be a costly business for developers but it is preventable. Engaging with testing early on in the design process can not only save you money but actually help you win contracts.

In addition to testing the functionality of the product or system, there are many different types of tests, and arguably two main areas in defence: Environmental Testing, which is mechanical engineering based; and Electromagnetic Compatibility Testing (EMC), which is electronic engineering based.

Environmental Testing examines the ability of a product to withstand the environment within which it has to operate, be stored or be transported. Environments such as deserts or arctic waters are harsh and can have an adverse effect on military kit so it is important to ensure that equipment won’t fail in such conditions as the consequences could be dire should this occur.

EMC Testing aims to ensure that when a product or system is deployed it does not generate electronic noise (which could cause an issue for other electronic equipment) and ensures it is going to work correctly in the environment. An everyday example of this would be holding a mobile phone near a stereo speaker and hearing an interference noise – this is just an inconvenience, but in a military or aerospace setting a piece of equipment such as a rugged PC should not interfere with radio communicating equipment. For example, if a soldier comes under fire, they need to be able to ensure that their radio message gets through so they get the support they need.

Passing the EMC tests can be a real design challenge as the electronics on vehicles can be complex. For example, there are electronic counter measures on vehicles that are intentionally trying to disrupt IEDs, and obviously cause a lot of interference. The rest of the equipment on a military vehicle has to be resilient to these electronic counter measures.

TRAC Chamber 2TRaC Global is a UKAS-accredited testing and certification company that helps its clients achieve product compliance. TRaC provides the assessment route for product manufacturers and designers to ensure they fulfil their legal and contractual obligations and demonstrate full compliance with the requirements of countries around the world. The company has six labs in the UK, three of which specialise in defence and aerospace testing, and the company offers both Environmental and EMC Testing services.

Brendan Wall, TRaC Global’s Sales Director, said: “Let’s say a ship, vehicle or aircraft has hundreds of electrical systems on it – they have got to live in perfect harmony. If you connect two devices together they shouldn’t interfere with each other – they should work. Behind that there’s a lot of engineering to get it right. So you design it for functionality and for compliance with the environment it’s going into. Testing establishes if it’s going to interfere with other bits of kit or if it’s going to be electrically noisy. If it’s a piece of stealth equipment it can’t be giving off an electronic signature that can be picked up by opposing forces. It’s important to determine if equipment will be reliable.

“It’s also to do with the mechanical environment: equipment going to hot places, dusty places, sandy places, or equipment on a vehicle that is experiencing lots of vibration. You can imagine if you lift the bonnet off your car with the engine running there’s lots of things vibrating, getting hot, getting cold – you have to ask if its components will survive that. So we test equipment because when the Forces need the kit to work, it must work every time. Unreliable equipment can cost lives.”

Every time the Ministry of Defence procures a new vehicle it has very harsh requirements that it must survive. Ultimately testers are trying to replicate real operating environments, which could be anywhere on the globe. This is done using EMC and environmental chambers where various environments can be replicated to subject equipment to heat, cold, dust and a lot of electrical interference in order to see if that piece of equipment can survive.

Large_Drive-in_EMC_Test_ChamberAccreditation is important. Organisations offering testing services should be accredited by the United Kingdom Accreditation Service (UKAS) to an international standard for test laboratories, and in the defence world the UKAS accreditation is the general required level of assurance. If the tester is UKAS-accredited then customers can be comfortable that the test report they get in the end is credible.

Although testing plays an important role in the procurement of equipment it usually happens right at the tail end of the process. It’s a high-pressure point because it’s one of the last obstacles for developers before getting their product to market.

Mr Wall continued: “Invariably the programme is running late so the customer is up against tight deadlines and if there’s a failure at that point it’s quite a stressful situation for them, their customer and us. So we’re increasingly getting more involved on day one of projects to give support, advice and technical expertise.

“Designing in compliance gets them through testing first time. The end is an expensive place to fail a test; you don’t want to learn the month or week before product launch that there’s a problem.”

Encouraging designers to think about product compliance and qualification from day one could help avoid the dreaded scenario of designing a product that fails testing. It makes perfect sense for testers to work closely with design teams at an early stage in product development cycles to build in the attributes that will steer the product away from the compliance and approvals pitfalls. In theory, an approach such as this will help equipment achieve first-time success when a project reaches the testing, approvals and certification phase.

The message about getting testing involved early in the design process is one that Brendan Wall believes is highly important. He stressed: “Early stage qualification is the key message. Testing might be regarded as fairly commoditised – after all there are a number of test labs – but actually many products still fail testing and that sets them back.

“They are under tremendous pressure to deliver and if you’ve got things like an Urgent Operational Requirement (UOR) then that equipment is needed right here, right now in the field. It’s not like some of the bigger programmes that might take six or seven years of development where there’s a bit of slack; if it’s a UOR people need the equipment quickly and they need it to be safe and reliable.

Early integration of testing can have further benefits in addition to passing the testing process first time. For defence companies developing military equipment, the inclusion of the expertise of testing professionals at the bid stage could be significant in winning contracts. At the bid stage, bidders have to demonstrate how they will comply with requirements, and working with testers at this stage can furnish added technical knowledge to support the bid and demonstrate exactly how requirements will be complied with. A credible solution in a bid that scores well when it comes to the assessment stage could be the difference between winning a contract and narrowly missing out.

Testing is vital to the development and procurement of reliable, and often urgently required, defence equipment. Safety of equipment is always paramount and is the driving force behind the testing process. Working with testers early in the design stage can help avoid failure when testing for certification as well as the economic consequences of such failure. It can also help develop contract-winning solutions with overall benefits for both the business and the end users. Testing is nothing to be scared of; if anything it should be embraced and integrated early into the process of making kit better, safer and more cost-effective.

For more information, visit:

Welcome to MOD DCO Free Webinars: A new way to win more business with DCO!

tick_stxA6D9We are delighted to launch a new programme of DCO webinars designed to help you win more business with MOD DCO. We kicked off our new webinar schedule on Wednesday 30 October, and with an outstanding response from DCO free registrants eager to optimise their use of DCO our first webinar was fully booked!

DCO registrants joined our defence contracts sourcing expert Barry to explore how the MOD is helping suppliers win more business, to discover where the MOD plans to spend £160bn in the next 10 years as detailed in the Department’s Equipment Plan, and importantly to learn how to optimise DCO to search for contracts and win more business.

Webinar attendees were then given the chance to ask their questions and have them answered by our experts; some of these questions are detailed below.

Q: How does DCO differ from the Government’s Contracts Finder website?

A: MOD DCO is the only official source of MOD contract opportunities. MOD commercial staff create, submit and advertise their relevant tender and contract notices valued at £10,000 and above on the MOD DCO portal, therefore DCO is the first and only official publisher of MOD contract opportunities over £10,000.

Q: In the awarding authority option box what is the word or phrase that should be used to receive only MOD contracts?

A: MOD DCO is designed to help you optimise your business, therefore during your search you may see examples of contracts that are suitable for your business outside the MOD. However, if you only wish to view MOD contract opportunities then within the awarding authority option box enter: “MOD”, “DE&S” and “defence”.

Q: If you have a question about a contract on offer, who do you contact – the company offering the tender directly or DCO?

A: If you have any questions regarding a contract on offer then please speak to the awarding authority detailed on the contract. However, our defence contract sourcing experts are on hand if you require any assistance – email:

Q: What is the difference between MOD DCO and the Defence Contracts International portal?

A: MOD DCO provides you with access to all MOD contract opportunities over £10,000. However, Defence Contracts International (DCI) provides you with all the content available on DCO PLUS access to further defence and security industry contracts including the aerospace, aviation, counter terrorism, emergency services, homeland security and humanitarian aid sectors in the UK, Europe and Globally.

If you missed out on our first DCO webinar you have another chance to join the conversation. With only a limited number of places available register today to avoid disappointment:

MOD DCO WebClinic: Create a Winning Alert Profile 1st December 2020 - 11:00

DCI WebClinic: How to Find and Win New Defence and Civil Business 8th December 2020 - 11:00

Are you ready to win more business with MOD DCO?

Cyber security: protection through partnership

Peter ArmstrongThe Ministry of Defence has set out to boost the UK’s cyber security, in partnership with a number of the country’s leading defence firms. Here, Peter Armstrong, Director of Cyber Security at Thales UK, one of the firms involved, outlines for MOD DCB the partnership’s key priorities for the year ahead.

A report released earlier this year by KPMG revealed that British FTSE 350 firms are failing to keep their networks safe, and as a result are putting the safety of Britain’s economy and national security under threat due to simple flaws in web security. And it’s not just the larger firms that are causing concern; a survey by McAfee also highlighted that despite British small and medium-sized enterprises (SMEs) providing training in IT and security, their employees often fail to prevent breaches and data leaks. As the number of threats to British businesses rises month on month, the cyber support to allow British firms and their suppliers to help prevent the nation coming under attack becomes ever more critical.

The Ministry of Defence has acknowledged the need for better cyber security by launching the Defence Cyber Protection Partnership (DCPP) in conjunction with other government agencies and nine UK defence and telecoms firms including GCHQ, BAE Systems, BT and Thales UK. The partnership’s main focus will be to reduce threats to the UK’s defence supply chain, particularly from the aggregation of low-level risks, with the intention of eventually filtering the output down to benefit trade and industry too.

DCPP: just another cyber security partnership?

The creation of the DCPP intends to build upon the UK’s ongoing commitment to the reinforcement of the UK as a safe place to do online business; it is an important government-industry cyber initiative formed to improve the cyber defences of the MOD’s supply chain. The DCPP will work to define and apply a new standards framework that protects investments already made in cyber security, eventually rolling it out to the whole defence industry. It will achieve this by setting high standards, developing best practice, sharing real-time information about the type and extent of cyber attacks that each company is experiencing, and raising the awareness and defence posture in the defence supply chain.

Understandably there may be questions around why the Government needs to launch yet another private/public sector cyber security partnership – surely there are enough of those already? It has been compared to the Cyber Security Information Sharing Partnership (CISP) which launched in March this year to encourage information and intelligence sharing across the private and public sectors. The DCPP, though, has a clear remit to augment, refine or accelerate existing initiatives and as such will support CISP and other initiatives in this field, avoiding duplication but reinforcing the overall cyber defence posture, according to the MOD.

There will be three key activity streams to the DCPP in 2013: information sharing; development of threat-derived cyber standards and a measurement framework (spearheaded by Thales); and communication and awareness in the supply chain. The partnership will address the lack of awareness of cyber risks across the supply chain, with the DCPP partners all collaborating on these activities with a clear focus to improve standards and practices of cyber defence in the whole MOD supply chain.

Protecting the supply chain

The protection of UK companies from cyber attack is one of the most pressing national security issues of the day, identified as a UK National Tier 1 Threat, and the DCPP will encourage the supply chain to embark upon this improvement journey together, both requiring and fostering collective responsibility. Typically, companies’ IT systems and networks must, by necessity, carry large amounts of highly sensitive information, enticing cyber crooks and increasing the impact that any potential attack could make tenfold. Aeronautics giant and IT supplier to the US Pentagon, Lockheed Martin, learnt this lesson the hard way when it famously came under attack in 2011 as a result of hacks at two of its suppliers. This is a classic example of aggregated low-level risk at work.

There are currently over 50 security regulatory standards in existence across the globe, which are adopted by companies according to their geography, industry sector and unique security compliance needs. For multi-national and/or multi-sector organisations this creates a massive compliance headache when trying to improve the security maturity of one’s supply chain. The DCPP intends to create a framework that straight-forwardly compares the effectiveness of these many standards when measured against the threat-derived controls that the MOD is requiring its suppliers to embrace. This will allow organisations that have already invested in a compliance regime to preserve their investments and only augment their regime with a few additional threat-derived controls. The new framework will utilise an easy to use set of assessment frameworks with an easy to understand formula to determine the level of rigour different organisations need to apply to defence in the context of these controls.

Once the DCPP has produced its assessment framework and ensured the members themselves are complying, the members will start extending the compliance to these controls throughout their supply chains, including SMEs. In 2014 the partnership will open up its membership to other firms and eventually to firms in other industries, enabling greater collaboration across the country to tackle the growing threat of cyber attacks on the supply chain.

Spreading the word

The DCPP will enable a collaborative approach to cyber defence across the entire MOD supply chain, and will ensure that every stage of the procurement, manufacturing and delivery process is as secure as it can possibly be. It is imperative that UK businesses acknowledge that cyber attacks are now ranked as a Tier 1 threat to national security, and understand that any company of any size can be hit in a chain of attack.

For more information, visit:

MoD Industry Briefing

28 June – MoD intends to hold an Industry Briefing on 26 July 2013 at Intellect EnterMinistry of Defenceprise Ltd, Russell Square House,10 – 12 Russell Square, London, WC1B 5EE.  The event will commence at 1000hrs and is expected to conclude around 1600hrs.

The aim of the event is to update Industry on the LE TacCIS Programme.  This centres upon a need to ensure demonstrable value for money whilst simultaneously bearing down upon non-essential costs.  Also, in the current economic climate, it is even more imperative that industry and the MoD work together to deliver the required capability at reduced cost whilst ensuring a fair and equitable return for industry in a more transparent environment.

The day itself will consist of MoD outlining its latest thinking on the roles and responsibilities of a Delivery Partner, and the support required of a ‘Systems House’ for the development of High Level Design Requirements.  BATCIS will outline its current views on potential acquisition approaches.  This would be followed by targeted workshops to enable an early exchange of views.

Industry representatives who can contribute to the technical, commercial and business aspects are invited to register their interest in attending by the closing date of 08 July 2013. Due to limitations on numbers at the venue, preference will be given to companies with current involvement in a relevant Communications and Information Systems environment and, not necessarily current Defence suppliers of CIS elements.  In order to maximise participation in this event, BATCIS reserve the right to admit only one representative per company. Consequently, delegates are requested to submit names on ‘1+1’ basis where, if the event is over subscribed, the second named delegate would not be invited.  Any company who has expresses an interest in the Industry Day but is unsuccessful in securing a place will be sent the outputs.  The event is open to large, medium and small enterprises.


The ‘Systems House’ Construct will develop High Level Design Requirements for the LE TacCIS programme, will be selected by competition and provide expertise in the tactical communications market.

The Customer Friend role and Legacy Support aspects of the LE TacCIS programme are subject to ongoing competition and will not be discussed at this event.

Expressions of interest should be sent by Email to:

Where a representative’s Company holds/has recently held a contract within Defence CIS please state the contract number and your company’s role.

Changes to the procurement regulations: a decision that will keep Britain secure

Secretary of State for Defence The Rt Hon Philip Hammond MPNew proposals could save the taxpayer hundreds of millions of pounds by changing the rules governing how Ministry of Defence contracts are awarded. Here, MOD DCB outlines the main points contained within the Government’s recent Better Defence Acquisition White Paper.

New proposals have been announced that could save UK taxpayers hundreds of millions of pounds by changing the rules which regulate the award of Ministry of Defence contracts. The motion will see the creation of a new body to replace the existing Defence Equipment and Support (DE&S) organisation and the strengthening of the arrangements governing the procurement of equipment where the MOD is unable to source its requirement through open competition.

Set out by Defence Secretary Philip Hammond, the proposals to revise the single source procurement regulations form part of the Government’s newly published White Paper, Better Defence Acquisition. It is envisioned that the MOD will save up to £200 million a year by reforming its existing arrangements for defence equipment delivery, equipment support and logistics supply.

The White Paper outlines plans to establish a new, independent body to oversee contracts that are required to be awarded without competition, either because of specialist Armed Forces requirements or for national security reasons.

Mr Hammond said: “This White Paper represents another significant step in tackling the problems underlying defence procurement. I remain committed to driving structural and cultural change at DE&S to ensure that projects are delivered on time and on budget.”

Almost half of the money spent on defence equipment every year is awarded through single source procurement under a system that has been largely unchanged since 1968. The current rules have made it difficult for the taxpayer to obtain value for money because of a lack of transparency and competition in single source contracts, leading to unreasonable profits for suppliers. In 2011, the MOD asked Lord Currie to carry out a review into the system, which resulted in a new framework being recommended.

Following extensive consultation with industry, the MOD has decided to take forward Lord Currie’s recommendations and create a Single Source Regulations Office that would independently oversee a system to provide a fair profit for companies alongside incentives to bear down on costs.

The White Paper identifies the three root causes of the problems that have been experienced with the current system: an over-heated Equipment Programme; an unstable interface between those parts of the MOD which request equipment and support services and Defence Equipment & Support, which delivers them; and a lack of business capability in processes, tools and skills, including management freedoms.

Head of Defence Equipment and Support, Chief of Defence Materiel Bernard Gray, said: “Starting the legislative process now means we will be able to implement the chosen model as quickly as possible once a decision has been made about the future of DE&S.”

The MOD has recapitulated that its preferred approach to procurement is through open competition in the domestic and global market, as set out in the National Security Through Technology White Paper published in February 2012. However, defence equipment often requires advanced and specialist technology, which means procurement options can be limited to a single supplier to ensure the correct capability is acquired.

Single source procurement has averaged over £6 billion a year over the last five years, as stated in Better Defence Acquisition,and it is likely that it will remain a significant proportion of MOD procurement in the future.

Trade organisation ADS welcomed the MOD’s decision to opt for change, arguing that a strong focus should remain on sustainability.

Paul Everitt, Chief Executive of ADS, said: “We recognise that the priority for the MOD is to balance value for money while delivering the capability the Armed Forces require and we welcome initiatives to reform and improve processes.

“When it comes to procurement, the focus should be on the long-term sustainability of the UK’s defence capabilities. The Single Source Regulations Office is intended to provide more transparency between the defence industry and the MOD, offering an opportunity for better project management and greater efficiency. It is important that the new framework is developed in collaboration with all stakeholders, including industry, to deliver the confidence suppliers require when tendering for single source contracts and the best advantage to the taxpayer and the Armed Services.”

The MOD also released plans within Better Defence Acquisition to reform the Defence Equipment and Support procurement organisation following the July 2012 announcement by the Secretary of State for Defence that DE&S could potentially become a Government-Owned, Contractor-Operated (GOCO) entity.

Work undertaken to date suggests that the strategic case for DE&S to become a GOCO is stronger than that for other options within the Materiel Strategy programme, following a Value for Money assessment. This has led to a focus on developing and testing the GOCO option further and, in parallel, consideration of a second option which seeks to deliver the identified benefits of the GOCO model while remaining fully within the public sector, known as DE&S+.

The MOD is proposing to let a contract with a contracting entity to operate on behalf of the MOD a limited operating company to which certain services currently being provided by DE&S (the ‘deliverer’ role) would be transferred, together with the employees providing those services; and to provide and improve the MOD’s defence equipment, support and logistics acquisition services, enhancing business capabilities by introducing best-in-class processes, tools and skills, and controlling the management and operation of DE&S.

The contract would be managed by a governor function, which will sit within MOD Head Office.

The contracting entity’s core role (through the operating company) would be to act as the deliverer and to inform and deliver the equipment and logistic components of each of the MOD requester’s plans. The contracting entity and the operating company would also provide delivery performance and financial reporting, including input to Parliamentary reports. They are likely to continue to play a key role in contributing to pan-MOD standards, policies and strategies (eg with respect to equipment safety, commercial operations and supply chain management, including the strategic industrial landscape), but ownership of such standards, policies and strategies would be retained in the MOD.

Defence Secretary Philip Hammond said: “For decades, MOD has been at a disadvantage in commercial negotiations and reforming single source procurement will radically change how MOD conducts a high proportion of its business. The new independent body will deliver a more effective and efficient way of providing the specialist capabilities our Armed Forces need to keep the United Kingdom secure, and at the right price.”

For more information visit:

IdAM: Identity and Access Management in Team Defence

FingerprintThe UK Council for Electronic Business is actively pursuing joint work in federated Identity and Access Management across Team Defence. Here, Carl Billson of UKCeB explains the context, benefits and opportunities associated with IdAM.

‘On the Internet, nobody knows you’re a dog’ is the caption from an iconic magazine cartoon from 20 years ago, featuring a dog, seated a computer, making this remark to his canine friend. We value the competitive advantage from working digitally. Realising that means we need to be confident that the online representation of a person is tied directly to their real-world identity.

A Ministry of Defence strategy paper from 2010 ‘Defence Identity and Access Management Strategy 2010 – A sub-strategy of the MOD Information Strategy’ (known as MODIS 2009) describes Identity and Access Management (IdAM) as an ‘integrated set of policies, processes, standards and technologies that creates and manages digital identities and associated access privileges’. It adds that credentials such as smart cards and security tokens are used as part of establishing identities for controlled access to resources.   

The MOD vision in this paper is for a federated IdAM capability that provides trust in identity across the MOD and its partners throughout operational, support and business areas.  An example of what this means in practice is Single Sign-On to IT systems both within an organisation and its partner organisations. 

Within the MOD, the CIO takes a lead for IdAM and is a contributor to the pan-Government policies where IdAM is integral to achieving greater levels of ‘joined-up’ Citizen IT. There are equivalent programmes in other governments, such as FICAM (Federal Identity, Credential and Access Management) in the US. 

One key part of all these programmes is creating a digital credential, the equivalent of the ID card we use for physical access. One technology that is used in this area is PKI. Digital PKI certificates provide a mechanism for an individual to authenticate in an assured manner. Trust in these certificates can be extended to other organisations through ‘trust hubs’ such as the US Federal Bridge and the Certipath commercial bridge.

Many governments and large corporations are investing in this technology. Some of them have joined together in the Transglobal Secure Collaboration Program  (TSCP) to form a ‘government-industry partnership concerned with mitigating risks related to compliance, complexity, cost and IT inherent in large-scale and collaborative programmes that span national jurisdictions’. TSCP has published specifications and guidance that addresses a second challenge: providing information to a system so that it can control the scope of access that a user is permitted. This work addresses the complex requirements of export control and intellectual property protection through the exchange of identity assertions that describe user access privileges.

UKCeB has an ongoing series of IdAM workshops where members are involved in issues such as scenarios, policies, architectures and engagement of Small and Medium-sized Enterprises. UKCeB and the MOD have joint work planned for 2013. If you wish to learn from, contribute to and benefit from these activities around IdAM, please contact the UKCeB via its website.