Department maintains emphasis on cyber risk based approach with new contract with specialist SME
The Department for Work and Pensions (DWP) has stuck with SME Auriga Consulting to supply a security assurance service, with a new two-year deal that will step up its emphasis on a cyber risk based approach.
The company has said that it has succeeded in a retendering exercise after having supplied a service over the past two years.
Its approach to working with DWP focuses on identifying and assessing key areas of risk, and using the information to help decide when and where security controls are needed. This contrasts with an accreditation led approach to security, which emphasises compliance with regulations.
Auriga’s chief executive officer, Louise Dunne, said the cyber risk approach can make an organisation more responsive and adaptable to changing circumstances, and that there will be some shift in the approach to risks it takes with the DWP.
“The DWP is working with us to embrace change to ensure that UK citizens get the best possible security structure,” she said, adding that there is now a more agile environment in which the demands of cyber security do not have to be a blocker in digital operations.
“We’re now seeing the public sector no longer doing things the way they have always been done; there’s a hunger for change and excitement at the prospect of applying new dynamic strategies,” she said. “And that’s precisely what we’ll be doing during the next two years by working with the DWP to embed a cyber risk-led SAS that looks to use security selectively.”