• Have a question? Call us : +44 (0) 1256 744 780

  • Have a question? Call us :+44 (0) 1256 744 780

RightCue logo
Defence Cyber Certification2025-06-18T13:58:39+00:00

DEFENCE CYBER CERTIFICATION (DCC)

Certified to Strengthen Cyber Resilience in the UK Defence Supply Chain

We’re proud to announce that RightCue has been selected as a certifying body for Level Zero of the Defence Cyber Certification (DCC), under the governance of the UK Ministry of Defence (MOD) and administered by IASME Consortium.  This milestone affirms our strategic focus on secure, resilient cyber operations that empower businesses to thrive in highly regulated and sensitive sectors like defence.

Contact us
IASME cyber baseline certification

What is a Defence Cyber Certification?

The Defence Cyber Certification (DCC) is a comprehensive cybersecurity framework developed by the UK Ministry of Defence and delivered by IASME. It aims to strengthen the cyber resilience of the UK’s defence sector by providing a structured certification process for suppliers.

DCC offers a single, organisation-level assurance that suppliers can present in support of UK Defence procurements. Certifications are subject to annual check-ins and re-certification every three years.

Being certified against this standard ensures suppliers meet and maintain robust cybersecurity across their organisation.

Key objectives:

  • Protect MOD supply chain integrity

  • Provide confidence in supplier cyber maturity

  • Reduce cyber risks across national defence infrastructure

This certification is part of a broader national effort to bolster cyber resilience in industries critical to national infrastructure.

What are the Different Levels of the Certification?

The DCC framework comprises four levels, each corresponding to the assessed cyber risk associated with a supplier’s output:

  • Level Zero (3 Controls): For suppliers with a very low level of assessed cyber risk. Requires demonstration of basic cybersecurity practices.

  • Level One (101 Controls): For suppliers with a low to moderate level of assessed cyber risk. Requires a comprehensive cybersecurity programme with good practices.

  • Level Two (139 Controls): For suppliers with a high level of assessed cyber risk. Requires advanced cybersecurity oversight and planning, including Cyber Essentials Plus certification.

  • Level Three (144 Controls): For suppliers with a substantial level of assessed cyber risk. Requires expert cybersecurity capabilities and Cyber Essentials Plus certification.

Each level builds upon the previous, ensuring a scalable approach to cybersecurity maturity.

Let’s build resilience together

RightCue is here to guide you through the DCC process

Contact us

The Certification Process

As an appointed certifying body, RightCue facilitates the Level Zero certification process in four steps:

Start by contacting RightCue. We will help you understand the DCC Level Zero scope.

Important:

  • Before proceeding with DCC Level Zero, a Cyber Essentials certification needs to be in place.

Please be aware of the following:

  • Your Cyber Essentials certification must cover all internet-connected areas within the DCC scope.
  • DCC includes non-internet connected devices as well.
  • Some variation is expected (especially for larger organisations), and our assessor will seek contextual understanding.

If your Cyber Essentials scope does not adequately align, it is an automatic failure.

Prepare and submit yours answers and evidence related to:

  • Your Cyber Essentials scope
  • Data security basics
  • GDPR compliance (data governance practices)
  • Network and system resilience (evidence of planning and recovery capability)

Our assessors will conduct a video session to:

  • Discuss submitted evidence
  • Clarify scope differences
  • Review supporting documentation

Based on your evidence, RightCue will determine your certification outcome. A successful assessment will result in a Level Zero certification valid for 36 months.

What This Means for You

  • A comprehensive, organisation-wide cyber security certification for suppliers in the defence sector

  • Consistent praise from our clients for exceptional customer service and high-quality deliverables.

  • Designed to strengthen the cyber resilience and security of the UK defence sector’s supply chain

“Although we aren’t permitted to write publicly for the company, I appreciate the strong and continuing relationship we have with RightCue. From my personal perspective, we worked extensively with RightCue since 2023 and It’s consistently been a pleasure working with the team. I genuinely look forward to working with the team each year as we renew our Cyber Essentials+ certification as they consistently makes what can be a challenging process much more manageable and even enjoyable.”

Large MOD Supplier

Get Started with Defence Cyber Certification (DCC)

Speak to RightCue to get DCC certified

Speak to our Team

Knowledge Hub

To see how we work with clients, ensuring data privacy compliance for their specific industries read our useful articles, guides and customer success stories:

Explore our Knowledge Hub

See more help guides, articles, client success stories and resources.

Explore Knowledge Hub
Contact us
Privacy notice
Subscribe to newsletter

The Cyber Security Compliance Experts –
Putting business first.

+44 (0) 1256 744 780

The Square | Basing View | Basingstoke | Hampshire | UK | RG21 4EB

© 2012 - 2025 RightCue • All Rights Reserved • Website designed by Brevity Marketing

Go to Top