GUEST BLOG – Cyber Essentials: opening a new chapter with IASME Consortium

At the launch of the Cyber Essentials partnership with IASME Consortium, Anne W reflects on the power of partnerships.

 

Today marks a new chapter in the history of Cyber Essentials, as IASME Consortium take over full responsibility for the delivery of the scheme, becoming the NCSC’s Cyber Essentials partner . The planned celebratory launch event has been postponed, but in these currently difficult times it seems apt to talk about the power of partnership and working together.

I said in my last blog that Cyber Security is a team sport. It’s a theme that our CEO Ciaran Martin has returned to on many occasions – when talking about partnerships within government, between nations and with industry.

It’s only by building strong and effective partnerships that the NCSC will succeed in its mission to make the UK the safest place to live and work online. So, building a strong partnership with IASME has been a priority for the NCSC Cyber Essentials team, as much as the business of getting the other technical and commercial processes in place.

What is a partner?

The terms partner and partnership are frequently bandied around when it comes to business relationships.

All commercial relationships could, to some extent, be regarded as partnerships. However, they all have different levels of reliance, relationship and requirement.

What we are building with IASME is a collaborative partnership, which will develop and mature. A partnership that we hope will act as a template for our other relationships as we move forward.

Working with IASME in this way has led me to reflect on what it takes to make a good partnership, and how we are working differently with IASME than we have done previously.

Building a partnership

Forgive me if this seems a bit, “motherhood and apple pie.” But, for me, a good partnership is one where all parties put as much effort into the health of the relationship as they put in to making sure milestones and deliverables are met.

With IASME we have a partnering charter and regular partnership meetings that focus on the health of the relationship rather than project plans. We use the charter to independently score each other, and we use those objective scores to drive honest conversations about how it’s going.

This leads me to trust and openness. The NCSC team and IASME have not shied away from having some challenging conversations over the last few months. We’ve been open about where things are and aren’t working, and we’ve trusted each other not to allow these things to get in the way, remaining on good terms throughout.

We’ve managed to do this by keeping focussed on the end MUTUAL outcome whilst respecting the other party may also have other individual goals and circumstances; in other words, we’re accepting that we both have different perspectives.

For me, it was a very different experience finalising a contract directly with the CEO of a company and her part-time legal advisor. Having previously worked on some very big government contracts I was used to a team of lawyers and commercial folks opposite me. I realised just how challenging it can be for SMEs in this space.

Shared organisational values also help. It doesn’t have to be everything, but finding common ground helps relationships gel. We built in consideration of this right from the Invitation to Tender (ITT) stage, where part of the scoring was given over to a cultural fit evaluation, which sat alongside the technical and operational questions. With IASME we have found common ground in inclusivity. Both IASME and the NCSC (as well as our parent organisation, GCHQ) are serious about ensuring that our workplaces truly support all our protected groups and value the contribution of all our staff.

Finally, it goes without saying that contracts are very important. But if you put all your effort in focussing on these, the relationship forces you to think and behave more like adversaries than allies.

Taking things forward

So, 6 months into a new working relationship, how do I think it’s going? Well personally I think we are doing pretty-well.

There are still areas where we can both do better, but I believe we are equally committed to making that so.

As things develop we’ll continue to keep you up to date, with the occasional peek behind the curtain at Cyber Essentials. This, hopefully will make any future changes easier to understand for everyone involved.

But enough of me. Emma (CEO of IASME Consortium) will give her take on our new working relationship in her blog-post

Anne W
NCSC, Head of Commercial Assurance Services