DISP Cyber Security Requirements — Essential Eight ML2 for ICT Vendors and MSSPs
All Defence Industry Security Program (DISP) members must achieve and maintain the full Essential Eight at Maturity Level 2 — mandatory from 15 November 2025 under DSPF Principle 16 Control 16.1. ICT vendors, MSSPs, cloud providers, and technology consultants supplying to Australian defence must hold current DISP membership and pass the 107-question Cyber Security Questionnaire (CSQ). DISPulse provides continuous Essential Eight ML2 monitoring with 1-click Annual Security Report generation, covering all 107 CSQ controls across DISP, PSPF, CMMC 2.0, and ISM frameworks simultaneously.