Monitor and alert
There’s only one way to address the constant threat to the DII infrastructure - from both within the UK and further afield - and that’s to put in place a strict monitoring and alerting regime across the entire DII estate. That’s exactly what the ATLAS Consortium has done for the MOD, delivering the capability to identify threats and resolve them. This isn’t a one-off action. The system is regularly audited to ensure in-service compliance with security controls and mitigations to known risks being constantly developed and improved.
Security drives design
There can be no compromise when it comes to protecting National Security. This is evident in the way ATLAS and the Defence Information Services Team carried out extensive risk assessments on the DII solution at an early stage, driving the production of hundreds of very detailed security requirements which were then applied prior to the design stage. With this approach, security helps dictate the design, rather than the design dictating the level of security.
Having set very high standards of security across DII, ATLAS also ensures these standards are maintained. For each change or release of new capability, there are rigorous risk assessments and accreditations to ensure the right security controls are always in place. Constant change is met with constant vigilance. ATLAS has delivered a secure infrastructure, providing security and resilience in its networks at a significantly higher level than the legacy systems it replaced.
Cyber security teams
As part of the DII programme, there are well developed joint working initiatives which draw upon the expertise of specialist security advisors, including CESG advisors from the National Technical Authority for Information Assurance. With ATLAS security experts in constant contact with cyber security teams in the MOD and Government, this ensures the latest security information is available, analysed and acted upon - and that incidents are documented and followed up appropriately.