Skip to main content

The GDS Way and its content is intended for internal use by the GDS and CO CDIO communities.

Chief Digital and Information Office Teams

The Chief Digital and Information Office (CDIO) pillars each represent a number of teams working in a given area.

We work with the Cabinet Office, CDDO, CDIO and GDS teams to:

  • provide a common set of tools to support common problems
  • integrate and configure those tools
  • build and maintain a secure platform making it easy for teams to build services
  • provide Security Operations, Engineering and Architecture support

Change and Deliver

Change and Deliver contains the Digital Services, Digital Marketplace and GovWifi Teams. It provides account-level management for some tools and services. This includes support for:

  • Amazon Web Services (AWS) accounts
  • GitHub Enterprise accounts

CDIO Security

The CDIO Security Team aims to make the Cabinet Office, CDDO, CDIO and GDS more secure by ensuring:

  • they have a sustainable operational security capability able to respond 24/7, 365 days a year
  • they are more difficult to attack, and attacks are less likely to succeed
  • successful attacks are likely to be detected quickly

The CDIO Security team:

Use threat intelligence to inform strategy

The CDIO Security team uses threat intelligence to inform and prioritise security risks and apply the appropriate and proportionate level of security controls.

The team’s strategy uses:

  • threat intelligence to inform their priorities
  • security risks to inform their work
  • user needs to inform how they minimise security risks

Focus on delivery

The CDIO Security team is split into two teams, Cyber Engineering and Cyber Defence. The teams work in an agile, sustainable, effective and user-centered way. The teams are organised around:

Cyber Engineering:

  • building and maintaining the infrastructure required to effectively monitor security concerns
  • creating and maintaining tooling - Providing autonomous and self-service tools to detect security issues in near real-time and enforce actionable policies

Cyber Defence:

  • threat Intelligence - Delivering relevant and actionable threat intelligence data to teams
  • threat Hunting - Proactively and iteratively scanning through GDS assets to detect and isolate threats that evade security controls in place
  • incident Response - Delivering an effective, competent and exercised security incident management to GDS

Build autonomous products and services

The CDIO Security team builds autonomous products and services that help provide scalable solutions and increased efficiency. Automation frees up people for mission work using threat intelligence and machine learning to improve our solutions.

Actionable self-service security

The CDIO Security team provides service teams with tools, systems, process and support to service teams to make GDS more secure. The team aims to provide a service which is adequate and effective without being too burdensome in terms of restriction, time or cost.

Self-service makes sure people closest to GDS services have the tools to operate and resolve security incidents efficiently and effectively. These tools, systems and intelligence help service teams make informed decisions about their own security.

The CDIO Security team is working towards achieving full security coverage through logging all relevant events. These will be accessible by the GDS teams through tools like Splunk.

Further reading

The National Cyber Security Centre (NCSC) also provides guidance and intelligence about cybersecurity.

Contact us

Contact the Cyber Security team using the #cyber-security-help Slack channel.

This page was last reviewed on 21 July 2021. It needs to be reviewed again on 21 January 2022 by the page owner #gds-way .
This page was set to be reviewed before 21 January 2022 by the page owner #gds-way. This might mean the content is out of date.