nCipher Security enables compliance with key provisions of the UK Ministry of Defence’s DEFCON 658

EMEA

Regulation

Active now

DEFCON 658

The UK Ministry of Defence’s (MOD) DEFCON 658 aims to protect the defence supply chain from cyber threats, and applies to organisations that are suppliers or wish to become suppliers to the MOD on contracts that handle MOD Identifiable Information (MODII).

nCipher provides tools to help you comply with DEFCON 658, including:

  • Certified hardware to support strong authentication processes
Summary

DEFCON 658, which took effect in October 2017, is a procurement protocol on cybersecurity that requires all suppliers to Defence who bid for new contracts that necessitate the transfer of MODII to abide by DEFCON 658 and meet the standards mandated in DEFSTAN 05-138. Notably, adherence to DEFCON 658 extends to the supply chains (sub-contractors) of the suppliers themselves.

Non-compliance

Where DEFCON 658 applies to all suppliers throughout the MOD supply chain where MODII is involved, organisations that do not adhere to its requirements will not be able to participate in MOD contracts.

Compliance Summary

The DEF STAN 05-138 includes several controls specific to the protection of sensitive information, as outlined below.

nCipher provides data security solutions that help address these controls, as indicated. Note that while the controls are defined based on the risks associated with the contract (Low, Medium or High), nCipher’s solutions apply across similar controls simultaneously, and are therefore consolidated below.

Control Measure nCipher Coverage
H.08 Undertake administration access over secure protocols, using multi-factor authentication. Strong authentication rooted in hardware. nCipher nShield hardware security modules (HSMs) provide a Common Criteria-certified root of trust for strong authentication processes. nShield HSMs help create high-assurance systems to authenticate users accessing sensitive network resources through internal systems, websites and mobile devices.

Compliance Brief : DEFCON 658

Thales eSecurity’s data security solutions provide the tools you need to demonstrate compliance with DEFCON 658 and that your business is viable to participate in valuable MoD contracts. Download the brief to learn more.

Download

Other key data protection and security regulations

eIDAS

eIDAS

Regulation

Active Now

The eIDAS regulation has been developed to establish a single European market for secure electric commerce, impacting any organisation that handles online transactions with European citizens.

Learn More

PSD2

PSD2

Regulation

Active Now

The data security requirements of PSD2 are still evolving and are expected to call for a suite of industry best-practice solutions combining better security with high user satisfaction levels.

Learn More
Contact a Compliance Specialist Contact Us
Read the Compliance and Regulations Solutions Handbook Read the eBook
Want to be part of our team? Explore
Get in contact with a specialist Contact Us