In today's rapidly changing world, one thing remains constant - the need for security. So how can the UK’s defence industry defend against cyber security threats? With defence supply chain vulnerabilities identified as a key target, how can it be defended successfully?

To explore how defence companies can help defend the Defence supply chain against the cybersecurity threat, Chief Disuptor hosted a virtual round table in partnership with Tanium and Capgemini. 

We began with a presentation from Air Commodore Mike Wilson, Head of Cyber Governance, Risk and Compliance, Ministry of Defence. Mike highlighted the collective responsibility in the defence sector to fortify cyber defences. This included prioritising cyber defences in board meetings, evaluating current security measures and funding, and preparing for cyber attacks through testing. “Secure By Design” aims to make security a top-level consideration. The cybersecurity model emphasises factors like criticality, threat nature, and resilience aligned with industry best practice for a more secure future. Throughout the presentation the mantra “do the work” was repeated, demonstrating a paradigm shift from cybersecurity being a blocker to an enabler. Cybersecurity can provide an operational advantage in a safe way.   

As we moved into the roundtable discussion, held under the Chatham House Rule, we delved deeper into critical themes, providing a multifaceted perspective on emerging cybersecurity challenges. Collaboration, information sharing, lessons from other sectors, and effective communication with decision makers are key factors in strengthening cybersecurity efforts within supply chains.

1) The universal nature of cybersecurity threats
Cyber threats affect a wide range of industries with attackers employing similar tactics across sectors. By looking at Defence as 80% similar to other sectors, as opposed to 80% different, this will allow the Defence sectorto take away some valuable lessons.

2) Collaboration and information sharing 
Given the size and maturity of the Defence sector, there is huge importance in applying consistency across the Defence entire supply chain. This will allow organisations to identify and address issues swiftly and collectively. Furthermore the discussion emphasises the value of this consistency extended into information sharing, and the potential benefits of automating security rules to reduce human error and enhance security across the supply chain. 

3) Accountability 
The general push of Secure By Design is to drive organisations to take ownership of their own security. With SROs being responsible and accountable for delivering secure systems this should cascade throughout the entire supply chain. 

4) Communication to decision makers
Cybersecurity experts must convey the critical nature of cybersecurity measures in terms that resonate with leaders who may not have a deep technical understanding. By condensing only the really important variables that the decision makers need to know, this will enable better communication. 

There is no doubt that the importance of securing the supply chain in the defence industry is vital. If you would like to be part of the conversation at Chief Disruptor join our growing community here.

Forthcoming activities:

• Reserve Forces (RF30) Webinar - 9 November 2023 16.00 - 17.30 BST 
• Evolving your Cybersecurity Strategy and Roadmap - 12 January 2024 08.45 - 10.00 BST