Skip to main content

This is a prototype vision of how a future government service could work. It's not a real service yet, but we're exploring what it could look like. Your feedback will help shape the real service.

Secure by Design Up-skilling Challenge

Ministry of Defence Challenge

Solutions to this challenge may be eligible for campaign funding

Successful proposals could be developed into kickstarter-style campaigns with cross-sector commitment and MOD support.

Challenge Summary

How do we up-skill UK defence in ‘Secure by Design’ approaches?

MOD policy assumes that those engaged with ‘Secure by Design’ activities are suitably qualified and experienced. However, applying ‘Secure by Design’ requires a ‘one team’ approach across UK defence where different roles - both within MOD and the broader supply chain - play a part in delivering and maintaining resilient capabilities.

Each role is associated with a body of knowledge, and effective and efficient approaches are needed to deliver this knowledge to create a robust Suitably Qualified and Experienced Personnel (SQEP) pipeline.

Problem Context

The Ministry of Defence has mandated ‘Secure by Design’ approaches across all projects delivering capabilities or services, ensuring security is considered from the outset and through life. This represents a fundamental shift in design thinking about security, requiring new skills and competencies across the entire defence ecosystem.

Current Challenges

  • Skills Gap: Insufficient personnel with ‘Secure by Design’ expertise across MOD and supply chain
  • Knowledge Distribution: Fragmented understanding of what constitutes effective ‘Secure by Design’ knowledge
  • Training Delivery: Lack of scalable, effective mechanisms for delivering specialized knowledge
  • Competency Assessment: No standardized framework for measuring ‘Secure by Design’ capabilities

Scale of Impact

  • £50M+ annual value in improved security outcomes and reduced capability vulnerabilities
  • 10,000+ personnel across MOD and supply chain requiring up-skilling
  • Critical capability protection for national security interests
  • Supply chain strengthening to support UK defence industrial base

Challenge Requirements

We are seeking innovative solutions that address one or more of the following sub-challenges:

1. Mapping the Body of Knowledge

Challenge: Define the complete knowledge landscape for MOD’s ‘Secure by Design’ approach

Requirements:

  • Map relevant knowledge from the Cyber Security Body of Knowledge (CyBOK)
  • Identify intersecting knowledge areas (safety, software, systems, human factors engineering)
  • Define knowledge requirements for different roles and experience levels
  • Create a comprehensive curriculum framework

Success Metrics:

  • Complete knowledge mapping covering all relevant domains
  • Role-specific competency definitions
  • Integration with existing UK defence training standards

2. Delivery Mechanisms

Challenge: Create scalable, effective training delivery mechanisms for diverse audiences

Requirements:

  • Support for graduates, apprentices, and experienced professionals
  • Integration with undergraduate/postgraduate programmes
  • Flexible delivery models (online, in-person, blended)
  • Continuous learning and professional development pathways

Success Metrics:

  • Training programmes delivered to 1,000+ personnel annually
  • Integration with 10+ academic institutions
  • 90%+ completion rates with demonstrated competency improvement

3. Competency Frameworks

Challenge: Develop measurable competency frameworks for different expertise levels

Requirements:

  • Awareness, practitioner, and expert level definitions
  • Skills measurement and assessment tools
  • Career progression pathways
  • Industry-wide standards for MOD and suppliers

Success Metrics:

  • Standardized competency framework adopted across MOD
  • Assessment tools with validated measurement criteria
  • Professional certification pathway established

Proposed Solution Characteristics

Successful solutions should demonstrate:

  • Scalability: Ability to train thousands of personnel annually
  • Effectiveness: Measurable improvement in ‘Secure by Design’ capabilities
  • Integration: Compatibility with existing MOD and industry training systems
  • Innovation: Novel approaches to knowledge delivery and competency development
  • Sustainability: Long-term viability and continuous improvement mechanisms

Response Guidelines

Phase 1: Initial Proposal (Due: March 31, 2025)

  • Problem analysis and proposed approach (5 pages maximum)
  • Technical solution overview with key innovations
  • Delivery timeline and implementation plan
  • Team credentials and relevant experience
  • Initial cost estimates and resource requirements

Phase 2: Detailed Development (Selected proposals)

  • Comprehensive solution design and architecture
  • Pilot programme proposal for testing and validation
  • Business case with detailed cost-benefit analysis
  • Risk assessment and mitigation strategies
  • Campaign readiness plan for scaling successful pilots

Support Available

MOD will provide selected solution providers with:

  • Subject matter expertise access to ‘Secure by Design’ practitioners
  • Pilot environments for testing and validation
  • Data access to existing training programmes and competency assessments
  • Stakeholder engagement with key MOD and industry partners
  • Campaign support for successful solutions requiring cross-sector investment

Evaluation Criteria

Proposals will be assessed on:

  1. Innovation (25%): Novel approaches and technologies
  2. Feasibility (25%): Technical and practical viability
  3. Impact (20%): Potential for transformational change
  4. Scalability (15%): Ability to scale across defence ecosystem
  5. Team (15%): Relevant expertise and track record

This challenge connects with other MOD ‘Secure by Design’ initiatives:

Contact Information

Challenge Lead: Dr. Sarah Williams
Email: secure.design@mod.gov.uk
Phone: 020 7218 4000

Technical Queries: Prof. James Mitchell
Email: technical.queries@mod.gov.uk

Information Sessions

Regular information sessions are held:

  • Monthly briefings: First Thursday of each month, 14:00-15:30
  • Technical deep dives: On request for serious potential respondents
  • Industry forums: Quarterly meetings with key suppliers and academics

This challenge is published under the Secure by Design Problem Book initiative, supporting MOD’s commitment to improving security through collaborative innovation.