Home / Resource Centre / Case Studies

Security Policy Definition Consultancy Services for Slovak Systems Integrator, Scientia s.r.o.

The Challenge

The increasing need for international defence co-operation is causing all coalition partners to consider their security policies and adapt to conform to interoperability requirements. In particular, NATO and Partners for Peace (PfP) nations must ensure appropriate separation of their command and control, tactical and strategic infrastructures to achieve acceptance into the community.

Many former Eastern Bloc countries and new central and eastern European nations tend to have security policies designed and implemented for internal use. The Slovak MoD, for example, currently operates a limited, multi-level security domain within its strategic and operational infrastructure. This is not suitable for its role in NATO.

The Slovak MoD appointed Scientia s.r.o. as its advisor on security capability, with a view to them defining and implementing the policy, process and controls for a multi-level secure defence infrastructure that could be accredited, guarded and controlled in an international environment. Scientia required advice and guidance on the international aspects of security policies, so, as Scientia’s established partner for provision of high grade military message handling systems, Nexor was chosen to assist in this task.

The Nexor Solution

Based on many years of operating in defence on a worldwide basis, Nexor was able to bring in-depth experience of security policies to Scientia. Using a CLAS consultant, Nexor focused its services on transferring skills and knowledge to Scientia staff, to equip them to work with the Slovak MoD. Building on mature principles and techniques from the UK government, Nexor designed and delivered a workshop-style seminar covering:

  • Security policy objectives
  • Risk assessment
  • Examples of security policy implementation based on various technical solutions
  • Accreditation
  • Security policy management and control
  • Quantifiable measurement.

The interactive style of the consultancy enabled the group to discuss the specific needs of the Slovak MoD and apply the advice and guidance in a practical manner.

The Results

The CLAS certification gave Scientia the confidence that Nexor consultants are acknowledged by the UK government as being experts in the field of information assurance. During the workshop, Scientia gained a detailed understanding of how to design, implement, accredit and manage a multi-level security domain. This knowledge is now being used in practice in Slovakia to build the physical and communication protective required by the Slovak MoD for the next several years.

NEX1849COR01
Information in this document is provided as is without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose and freedom from infringement.

CLAS: The UK Communications-Electronics Security Group (CESG) aims to protect and promote the vital interests of the UK by providing advice and assistance on the security of communications and electronic data. CESG’s Listed Adviser Scheme (CLAS) was set up to provide a pool of accredited Information Assurance professionals on which Government customers could draw for consultancy and advice.