DWP insolvency protection body sets project to review cyber capability and create new strategy


Public corporation the Pension Protection Fund has signed awarded to a major cyber consultancy a contract to assess its existing security setup next year and then direct plans for progress

A government body with responsibility for protecting £33bn in employer pension pots is to spend 2025 reviewing its current cyber credentials before developing and delivering a new security strategy.

The Pension Protection Fund (PPF) – a public corporation that operates as an arm’s-length body of the Department for Work and Pensions – has agreed a near-£100,000 deal for “infosec assessment and delivery of infosec strategy and target operating model”.

The contract, which was awarded to cyber consultancy and services firm NCC Group, comes into effect on 1 January and runs for the duration of 2025.

During that time, the supplier will help the government-owned company enhance its security posture via a two-stage programme of work to, first, better understand its current status and, then, to set the course for future improvement.


Related content


A newly published contact notice said: “The PPF has a need to review its information security across the entire organisation. To do this, a two-phase contract is required. Phase One, commencing 1 January 2025, will provide a cyber capability review by identifying the maturity of the PPF’s capabilities and CISO needs. The review will include a gap analysis. Phase Two, commencing 1 April 2024, will include the delivery of a information security strategy and target operating model.”

PPF’s remit is to protect members of defined-benefit pension programmes – in which recipients are paid a specified sum, based on salary and length of service, rather than related to employee contributions. The DWP arm’s-length body is also responsible for administering compensation payments to members of defined-benefit schemes operated by companies that have gone bust.

“It’s our duty to protect people with a defined benefit pension when an employer becomes insolvent,” the PPF’s website says. “We manage £33bn of assets for our 295,000 members.”

Sam Trendall

Learn More →