The Ministry of Defence (MoD) is planning to automate its collection and analysis of data on cyber risks.
It has revealed plans to develop a cyber risk tooling capability to support the risk management team within its Cyber Security Operations Capability (CSOC), with the aim of having it in place by September.
The ministry has published a procurement notice for support in a design phase of the project, saying it wants to develop a solution that can be of immediate use but able to scale up as the cyber risk capability grows.
It wants a system that can ingest all data related to cyber risks – such as on threats, vulnerabilities and incidents – along with analytics and data exploitation functions to help it understand its cyber risk exposure.
The MoD already has a Defensive Cyber Capability with a core data lake that draws on a range of stakeholder sources. It said that any design of the new capability will have to align with this and be compatibile with Hortonworks Data Platform architecture, the Hadoop framework for data processing and RESTful APIs.
The plan marks a further stage in the MoD’s modernisation of its cyber security capability. Last week it launched a procurement for cyber vulnerability investigations as a service to support its CVI Ops Cell.