Ask for support
There is no checklist for Secure by Design. What your team needs to do depends on your capability or service.
Before asking for support
Before contacting the Cyber Security Assurance and Advisory Services (CySAAS) team, you need to:
- follow Secure by Design guidance and recommendations
- talk to your security experts
- join a Secure by Design call
- ask the virtual assistant ‘Alix’
- talk to security software developers
Talk to your security experts
If you do not have a security expert on your team yet, check guidance on involving the right people.
You should ask your top level budget for advice. Check with your Principal Security Advisor or cyber risk team.
You can also get support from your security and software development communities.
Join Secure by Design calls
Learn what other teams are doing and ask your questions.
To join the calls, you need to work in the Ministry of Defence (MOD) or for one of our suppliers.
Find out how to join regular calls.
Ask for support
Your team should follow the Secure by Design approach before you can ask CySAAS if they can support you.
You should get a response within 10 working days. It might take longer during busy times.
If you work for MOD
You can send a request to CySAAS. You need to include:
- the name of your programme, capability or service
- your Defence organisation, for example the Army
- your specific question on Secure by Design
- any useful references, for example from the assurance tracker
- contact details of your security expert
On MODNET, submit a ticket through the service centre.
If you are a supplier with an MOD contract
You need to contact the person or team that issued your MOD contract.
Updated August 2024