Assure Technical Leads the Way as a Level 1 Certification Body for Defence Cyber Certification
26th Nov 2025
Speak to an expert
Speak to an expert
26th Nov 2025
Assure Technical is proud to announce that we are a Level 1 Certification Body for the Defence Cyber Certification (DCC) scheme, as administered by IASME on behalf of the Ministry of Defence (MOD).
This recognition strengthens our position as a leader in defence cybersecurity assurance. It also demonstrates our continued commitment to helping organisations improve resilience, meet compliance standards, and protect the UK’s defence supply chain.
“Having served in the Armed Forces, I understand first-hand the critical importance of trust, assurance, and cyber resilience in defence,” says Pete Rucinski, Managing Director of Assure Technical.
“DCC is a vital step forward for the MOD supply chain, and we are proud to help lead that journey by making certification clear, structured, and achievable.”
The Defence Cyber Certification (DCC) scheme forms part of the MOD’s strategy to strengthen cybersecurity across the entire defence ecosystem. Developed with Defence Digital and the National Cyber Security Centre (NCSC), it introduces a clear, structured, and proportionate approach to assurance.
The DCC replaces the existing Cyber Risk Profiles governance framework and has four levels, aligned to differing levels of contract sensitivity risk:
This model ensures that every supplier meets the right level of cybersecurity assurance based on the nature of their engagement.
Cyber threats to defence are rising sharply. The NCSC Annual Review 2025 recorded 204 nationally significant cyber incidents – more than double the previous year. Meanwhile, global research suggests 35% of cyber incidents now involve third-party suppliers.
These figures underscore why the DCC is so important. It builds a consistent and transparent standard across the supply chain, reducing risk and reinforcing national resilience. Moreover, it helps every supplier play a measurable role in protecting sensitive information.
The Cyber Security Model (CSM) sets out how defence suppliers demonstrate their assurance level. In late 2025, Defence Digital and the NCSC launched the new online service for CSM Version 4, marking a major step towards stronger cyber resilience.
However, Defence Digital has delayed the formal contractual invocation of CSM Version 4. This decision gives suppliers more time to adapt to the new system. During this transition, organisations should continue using Version 3 of the Cyber Security Model and its interim process for raising and responding to risk assessments.
At the same time, suppliers are encouraged to explore the new Version 4 online service and its guidance, available on the GOV.UK Cyber Security Model page. Doing so will make the eventual switch smoother and faster.
This transitional period offers a valuable opportunity to prepare. Suppliers can strengthen their defences, identify potential gaps, and engage with expert certification bodies before Version 4 becomes mandatory.
As a Level 1 Certification Body, Assure Technical is authorised to assess and certify organisations against the DCC’s foundational controls. We take a proactive approach, guiding suppliers through every stage of preparation and certification.
Our assessors bring deep experience in cybersecurity assurance, risk management, and MOD compliance. They help clients interpret requirements, implement improvements, and gain certification with confidence. Rather than simply verifying controls, we help organisations embed stronger, sustainable security practices.
The direction of travel is clear. Once CSM Version 4 is formally invoked, DCC certification will underpin cyber assurance for all MOD contracts. Acting now means fewer delays, greater readiness, and stronger credibility in the eyes of defence partners.
Cyber incidents remain a pressing concern. In 2025, 43% of UK businesses reported a cyber breach, according to government data. For defence suppliers, the stakes are even higher. Early engagement with DCC standards signals responsibility, maturity, and reliability.
Therefore, suppliers who prepare now will stand out as trusted, secure partners ready for the future of defence contracting.
Assure Technical has supported the defence sector for years through Cyber Essentials, IASME Cyber Assurance, and other recognised frameworks. Becoming a Level 1 Certification Body under the DCC builds naturally on that experience.
We are already helping organisations understand how DCC and the Cyber Security Model interlink. Furthermore, we are working to make certification practical, beneficial, and aligned with real-world defence challenges. Our mission is to raise standards while ensuring certification adds tangible value.
If your organisation supplies to the MOD – or intends to – you need to understand Defence Cyber Certification and how it will affect future contracts. Preparation today ensures compliance tomorrow.
👉 Contact Assure Technical to learn how we can help you prepare for DCC, navigate CSM Version 4, and build long-term cyber resilience.
Get in touch with our expert consultants for straight-talking, jargon-free technical security advice.
