Shauli Zacks
Published on: September 9, 2025
SafetyDetectives recently had the opportunity to speak with Steve Jewell, CEO of Nine23, a veteran-owned UK Sovereign High-Assurance Managed Service Provider. With more than two decades of experience in the Defence sector and a career that began at the UK Ministry of Defence, Steve has dedicated himself to building secure, resilient systems for mission-critical operations. In this interview, he shares his journey to leading Nine23, the company’s unique approach to cybersecurity and managed services, and his perspective on the challenges and trends shaping the future of secure digital transformation across Defence, Government, and National Security.
Can you share a bit about your background and what led you to take on the role of CEO at Nine23?
I began my career with the UK Ministry of Defence on a graduate development programme, gaining first-hand insight into the operational needs of the Armed Forces. This led to over two decades in the Defence sector, where I specialised in secure information systems, including pioneering the MoD’s first shared working environment for protectively marked material online. I later co-founded an information security company through a US-UK technology transfer initiative, marking my entry into entrepreneurship and business growth.
Following its acquisition by a Manchester-based MSP, I led their Public Sector division, expanding through strategic investments and M&A. Over time, the business shifted focus toward Public Cloud services, moving away from high-assurance infrastructure. Having collaborated with Nine23 on MoD projects for over a decade, I joined the company as Chief Growth Officer, drawn by its deep expertise and commitment to secure, sovereign digital services.
What attracted me to Nine23—and ultimately to the CEO role—was its unique position in high-assurance managed services and its mission to empower secure end-user operations. My passion lies in supporting frontline services through resilient technology. As CEO, my focus is on scaling the business, driving sustainable growth, and ensuring we continue to deliver trusted, mission-critical solutions across Defence, Government, and National Security.
For readers who may not be familiar, what does Nine23 focus on, and what makes your approach to cybersecurity and managed services unique?
Nine23 is a veteran owned, UK Sovereign, High-Assurance Managed Service Provider (MSP) delivering secure, resilient digital services for mission-critical operations in Defence, Government, National Security, and their supply-chains.
Trusted to deliver and support mission-critical operations; Nine23 passionately believes that cyber security and resilience must be business-enabling, not a constraint.
Offering a comprehensive suite of high-assurance services built on over 13 years of experience, Nine23 provides true UK sovereignty across the entire technology stack – from physical hosting and network connectivity to managed service delivery.
Nine23’s core offerings include:
- Information Security Advisory & Assurance
- UK Sovereign & Hybrid Cloud
- Connected Data
- Collaborative Working
- Secure Service Management & Continuous Assurance
Our solutions are built to meet the most stringent regulatory compliance requirements and are fully aligned with NCSC/DSIT guidance and Secure by Design principles – providing assurance that the systems we design, build, and manage can protect data at, and above Official. Enabling individuals and organisations to operate confidently and in compliance.
Nine23 places a strong emphasis on usability alongside high-assurance security. How do you strike the right balance between strict compliance requirements and a smooth end-user experience?
Many members of the Nine23 team have served in, or worked closely with, the military and law enforcement communities. This gives us a deep, first-hand understanding of the operational challenges faced when digital services fall short of mission requirements—or when users are forced to improvise to achieve outcomes. That experience shapes our core philosophy: security and usability must work together, not compete.
At Nine23, we design, deliver and support through-life, secure systems that empower users. From the outset, our services are built with usability, compliance, and high-assurance security at their core, aligned with NCSC and DSIT guidance and underpinned by Secure by Design principles.
We begin by listening—understanding the operational context and compliance demands of our clients, who operate in some of the most regulated and mission-critical environments across Defence, Government, and National Security. Using agile delivery and practical experience, we create tailored solutions that meet stringent security standards without compromising user experience.
User feedback is central to our operating model. We incorporate real-world testing and validation to ensure our platforms are intuitive, efficient, and secure. Our managed services include continuous monitoring, proactive risk management, and transparent SLAs—ensuring resilience and trust at every level.
As the pace of change accelerates—not only in technology but also in the nature of threats, organisational missions, and user expectations—ongoing assessment and assurance have become central to how we operate at Nine23. We recognise that delivering secure, high-assurance services is not a one-time achievement but a continuous commitment. Our team’s deep operational experience ensures we remain agile and responsive, constantly evaluating our platforms to meet evolving compliance standards and user needs. This proactive approach allows us to maintain the integrity, usability, and resilience of our services in the face of dynamic challenges.
Ultimately, our mission is to enable secure digital transformation without compromise. We believe security should be an enabler, not a barrier—and that belief is embedded in every solution we deliver.
With your work in defence, government, and other regulated sectors, what are some of the biggest cybersecurity challenges you see these organizations facing right now?
One of the most pressing cybersecurity challenges facing Defence, Government, and other regulated sectors today is the tension between the need to exploit data effectively and the imperative to protect it. These organisations are increasingly reliant on data-driven decision-making, yet the complexity of securing sensitive information across diverse systems and environments remains a significant hurdle.
Interoperability is another critical issue. Legacy systems, siloed infrastructures, and varying security standards across departments and agencies often hinder seamless collaboration. This fragmentation not only slows down operations but also introduces vulnerabilities that adversaries can exploit. Achieving secure interoperability—where systems can communicate and share data without compromising integrity—is essential for mission success.
Collaboration across organisations, sectors, and even nations is vital in responding to evolving threats. However, enabling secure collaboration while maintaining compliance with stringent regulatory frameworks such as NCSC guidance or MoD accreditation standards is a constant balancing act. The challenge lies in creating environments where trusted partners can share information securely and efficiently, without introducing risk.
At Nine23, we address these challenges by designing secure, user-centric platforms that support high-assurance data sharing and operational agility. Our solutions are built to enable secure exploitation of data, foster interoperability across systems, and facilitate collaboration between stakeholders – ensuring that cybersecurity is not a barrier, but a foundation for progress.
Nine23’s infrastructure and services are entirely UK-sovereign. Why is data sovereignty so critical today, and how does it shape your solutions?
It’s important to recognise that not all public sector data requires sovereign infrastructure. Effective solutions begin with understanding the value of data assets and assessing the potential impact of loss, compromise, or integrity breaches. At Nine23, we focus on clients who have made a conscious decision to mitigate these risks, particularly where operational resilience could be affected by reliance on non-domestic technology providers.
Often, the concern isn’t just about individual data points, but the insights that can be derived from aggregating data across systems. This is where hybrid infrastructure becomes increasingly valuable; allowing organisations to balance performance, cost-efficiency, and sovereignty based on the sensitivity of their data.
Data sovereignty today is not just a regulatory checkbox, it’s a strategic imperative. Our infrastructure and services are entirely UK-sovereign, meaning all data is stored, processed, and managed within UK jurisdiction, by UK-owned entities and UK-cleared personnel. This guarantees full legal and operational control, free from foreign legislation such as the US Cloud and Patriot Acts, which can compromise confidentiality and trust.
Our Platform FLEX is a fully UK-hosted, high-assurance private cloud designed to meet stringent UK security and assurance requirements. Operated from accredited UK data centres and supported by vetted UK personnel, it ensures compliance with NCSC guidance and the Security Policy Framework. This enables our clients to collaborate securely, exploit data confidently, and maintain interoperability across trusted networks—without compromising sovereignty.
Ultimately, data sovereignty shapes every aspect of our solutions. It’s about trust, control, and resilience. In sectors where compromise could threaten national security or public safety, sovereignty isn’t optional, in many operational services, it’s essential.
Looking ahead, what do you see as the most important trends or innovations that will shape secure, user-friendly technology over the next 3–5 years?
Looking ahead, the most important innovations shaping secure, user-friendly technology will be those that enable trusted, agile operations in increasingly complex environments. For organisations in Defence, Government, and regulated sectors, four key trends stand out:
- Secure interoperability across hybrid environments
As digital ecosystems become more distributed, the ability to securely connect legacy systems, cloud platforms, and edge devices will be essential. Interoperability must be achieved without compromising assurance, enabling users to access and share data across trusted domains while maintaining control and compliance.
- Mission-driven data exploitation
Data is now a strategic asset, and the ability to extract actionable insights securely will define operational success. Innovations in secure data classification, contextual access controls, and real-time analytics will allow organisations to exploit data without exposing it to unnecessary risk—especially where aggregated data reveals sensitive patterns.
- Frictionless, high-assurance collaboration
Collaboration tools must evolve to support secure, sovereign communication across departments, agencies, and allied partners. The future lies in platforms that combine usability with robust security, enabling users to work together confidently while maintaining the integrity of their data and systems.
- Continuous assurance and adaptive security
Static compliance models are no longer sufficient. Organisations will demand continuous assurance—where security is embedded throughout the lifecycle of services, automated monitoring, and real-time risk management. This shift will enable faster innovation while maintaining trust and resilience.
At Nine23, we’re building solutions that reflect these priorities—UK-sovereign, user-centric platforms that support secure interoperability, intelligent data use, and trusted collaboration. Our focus remains on enabling secure digital transformation without compromise, ensuring our clients are ready for the challenges ahead.
