Chief Digital and Information Office Teams
The Chief Digital and Information Office (CDIO) pillars each represent a number of teams working in a given area.
We work with the Cabinet Office, CDDO, CDIO and GDS teams to:
- provide a common set of tools to support common problems
- integrate and configure those tools
- build and maintain a secure platform making it easy for teams to build services
- provide Security Operations, Engineering and Architecture support
Change and Deliver
Change and Deliver contains the Digital Services, Digital Marketplace and GovWifi Teams. It provides account-level management for some tools and services. This includes support for:
- Amazon Web Services (AWS) accounts
- GitHub Enterprise accounts
The CDIO Security Team aims to make the Cabinet Office, CDDO, CDIO and GDS more secure by ensuring:
- they have a sustainable operational security capability able to respond 24/7, 365 days a year
- they are more difficult to attack, and attacks are less likely to succeed
- successful attacks are likely to be detected quickly
The CDIO Security team:
- uses threat intelligence - to inform and prioritise the risk
- focuses on delivery - to work in small agile delivery teams
- builds autonomous products and services - to scale and increase efficiency
- delivers actionable self-service security - to make sure service teams can keep themselves secure
Use threat intelligence to inform strategy
The CDIO Security team uses threat intelligence to inform and prioritise security risks and apply the appropriate and proportionate level of security controls.
The team’s strategy uses:
- threat intelligence to inform their priorities
- security risks to inform their work
- user needs to inform how they minimise security risks
Focus on delivery
The CDIO Security team is split into two teams, Cyber Engineering and Cyber Defence. The teams work in an agile, sustainable, effective and user-centered way. The teams are organised around:
- building and maintaining the infrastructure required to effectively monitor security concerns
- creating and maintaining tooling - providing autonomous and self-service tools to detect security issues in near real-time and enforce actionable policies
- threat intelligence - delivering relevant and actionable threat intelligence data to teams
- threat hunting - proactively and iteratively scanning through GDS assets to detect and isolate threats that evade security controls in place
- incident response - delivering effective, competent and exercised security incident management to GDS
Build autonomous products and services
The CDIO Security team builds autonomous products and services that help provide scalable solutions and increased efficiency. Automation frees up people for mission work, using threat intelligence and machine learning to improve our solutions.
Actionable self-service security
The CDIO Security team provides service teams with tools, systems, processes and support to make GDS more secure. The team aims to provide a service which is adequate and effective without being too burdensome in terms of restriction, time or cost.
Self-service makes sure people closest to GDS services have the tools to operate and resolve security incidents efficiently and effectively. These tools, systems and intelligence help service teams make informed decisions about their own security.
The CDIO Security team is working towards achieving full security coverage through logging all relevant events. These will be accessible by the GDS teams through tools like Splunk.
The National Cyber Security Centre (NCSC) also provides guidance and intelligence about cybersecurity.
Contact the Cyber Security team using the #cyber-security-help Slack channel.