nCipher Security enables compliance with key provisions of the UK Ministry of Defence’s DEFCON 658



Active now


The UK Ministry of Defence’s (MOD) DEFCON 658 aims to protect the defence supply chain from cyber threats, and applies to organisations that are suppliers or wish to become suppliers to the MOD on contracts that handle MOD Identifiable Information (MODII).

nCipher provides tools to help you comply with DEFCON 658, including:

  • Certified hardware to support strong authentication processes

DEFCON 658, which took effect in October 2017, is a procurement protocol on cybersecurity that requires all suppliers to Defence who bid for new contracts that necessitate the transfer of MODII to abide by DEFCON 658 and meet the standards mandated in DEFSTAN 05-138. Notably, adherence to DEFCON 658 extends to the supply chains (sub-contractors) of the suppliers themselves.


Where DEFCON 658 applies to all suppliers throughout the MOD supply chain where MODII is involved, organisations that do not adhere to its requirements will not be able to participate in MOD contracts.

Compliance Summary

The DEF STAN 05-138 includes several controls specific to the protection of sensitive information, as outlined below.

nCipher provides data security solutions that help address these controls, as indicated. Note that while the controls are defined based on the risks associated with the contract (Low, Medium or High), nCipher’s solutions apply across similar controls simultaneously, and are therefore consolidated below.

Control Measure nCipher Coverage
H.08 Undertake administration access over secure protocols, using multi-factor authentication. Strong authentication rooted in hardware. nCipher nShield hardware security modules (HSMs) provide a Common Criteria-certified root of trust for strong authentication processes. nShield HSMs help create high-assurance systems to authenticate users accessing sensitive network resources through internal systems, websites and mobile devices.

Compliance Brief : DEFCON 658

Thales eSecurity’s data security solutions provide the tools you need to demonstrate compliance with DEFCON 658 and that your business is viable to participate in valuable MoD contracts. Download the brief to learn more.


Other key data protection and security regulations




Active Now

The eIDAS regulation has been developed to establish a single European market for secure electric commerce, impacting any organisation that handles online transactions with European citizens.

Learn More




Active Now

The data security requirements of PSD2 are still evolving and are expected to call for a suite of industry best-practice solutions combining better security with high user satisfaction levels.

Learn More
Contact a Compliance Specialist Contact Us
Read the Compliance and Regulations Solutions Handbook Read the eBook
Want to be part of our team? Explore
Get in contact with a specialist Contact Us