Defence Contractors mandated to gain Cyber Essentials certification

Defence Contractors mandated to gain Cyber Essentials certification

8th May 2019

New guidelines from the Defence Cyber Protection Partnership (DCPP) state that Defence Contractors who supply the Ministry of Defence (MoD) must attain Cyber Essentials at the most basic level.

The guidelines, which were released on 25 March 2015, have categorised the cyber risks associated with individual contracts into five levels: Not Applicable, Very Low, Low, Moderate and High. Cyber Essentials Plus is required at levels Low and higher; at the lowest level, only Cyber Essentials is required. However, contractors are "encouraged to do more".

This latest publication demonstrates how seriously cyber security is being taken at all levels. Interestingly, emphasis is now being placed on Defence Contractors to ensure that companies in their supply chain are secured with Cyber Essentials too.

So, if you're a Defence Contractor supplying the MoD, or a sub-contractor working with a Defence Contractor, and you need to know more about Cyber Essentials or Cyber Essentials Plus, get in touch and we'll be happy to help you through the process.

The DCPP guidelines for Defence Contractors can be found at

By Emma Davis - Head of Testing & Training

Written by Stuart Green - Managing Director