DEFENCE CYBER CERTIFICATION (DCC)
Certified to Strengthen Cyber Resilience in the UK Defence Supply Chain
We’re proud to announce that RightCue has been selected as a certifying body for all levels (Zero, One, Two and Three) of the Defence Cyber Certification (DCC), under the governance of the UK Ministry of Defence (MOD) and administered by IASME Consortium. This milestone affirms our strategic focus on secure, resilient cyber operations that empower businesses to thrive in highly regulated and sensitive sectors like defence.

What is a Defence Cyber Certification?
The Defence Cyber Certification (DCC) is a comprehensive cybersecurity framework developed by the UK Ministry of Defence and delivered by IASME. It aims to strengthen the cyber resilience of the UK’s defence sector by providing a structured certification process for suppliers.
DCC offers a single, organisation-level assurance that suppliers can present in support of UK Defence procurements. Certifications are subject to annual check-ins and re-certification every three years. To keep your certificate valid you also maintain your underlying Cyber Essentials or Cyber Essentials Plus certification and complete an annual attestation.
Being certified against this standard ensures suppliers meet and maintain robust cybersecurity across their organisation.
Key objectives:
This certification is part of a broader national effort to bolster cyber resilience in industries critical to national infrastructure.


What are the Different Levels of the Certification?
The DCC framework comprises four levels, each corresponding to the assessed cyber risk associated with a supplier’s output:
Each level builds on the one below it, so the number of controls grows with the assessed risk. You do not have to start at Level Zero. You can apply for the level you need and move up later through a fresh assessment at the higher level.

The Certification Process
As an official Certification Body for Levels 0 to 3, RightCue guides you through the whole DCC process. The four steps below describe a Level Zero assessment. Levels 1 to 3 follow the same path in greater depth, with the scope agreed up front and, at Levels 2 and 3, a likely physical site visit:
What This Means for You
“Although we aren’t permitted to write publicly for the company, I appreciate the strong and continuing relationship we have with RightCue. From my personal perspective, we worked extensively with RightCue since 2023 and It’s consistently been a pleasure working with the team. I genuinely look forward to working with the team each year as we renew our Cyber Essentials+ certification as they consistently makes what can be a challenging process much more manageable and even enjoyable.”
Large MOD Supplier
The Defence Cyber Certification (DCC) is a cyber security certification framework for UK defence suppliers, developed by the UK Ministry of Defence (MOD) and delivered through IASME. It gives suppliers a single, organisation-level way to demonstrate cyber resilience in support of UK defence procurements.
No. DCC is currently not mandatory and you can still tender for MOD contracts through the normal process. Certifying early demonstrates cyber maturity and gives suppliers a competitive advantage.
There are four levels matched to assessed cyber risk: Level 0 (3 controls), Level 1 (101 controls), Level 2 (139 controls) and Level 3 (144 controls). All levels start with Cyber Essentials, and Levels 2 and 3 require Cyber Essentials Plus.
Yes. Cyber Essentials is the first requirement for every level. Levels 0 and 1 require Cyber Essentials, and Levels 2 and 3 require Cyber Essentials Plus, covering the right scope.
DCC certification is valid for three years. You complete an annual attestation and maintain your Cyber Essentials or Cyber Essentials Plus certification, then recertify every three years.
No. You can apply for the level you need without completing lower levels first, and you can move up later through a fresh assessment at the higher level.
Knowledge Hub
To see how we work with clients, ensuring data privacy compliance for their specific industries read our useful articles, guides and customer success stories:





