Published date: 13 August 2020

Last edited date: 13 August 2020

Closed opportunity - This means that the contract is currently closed. The buying department may be considering suppliers that have already applied, or no suitable offers were made.


Closing: 4 September 2020, 12pm

Contract summary

Industry

  • Security software package - 48730000

Location of contract

London

Value of contract

£300,000

Procurement reference

tender_248077/879414

Published date

13 August 2020

Closing date

4 September 2020

Closing time

12pm

Contract start date

1 October 2020

Contract end date

30 September 2021

Contract type

Supply contract

Procedure type

Call-off from a framework agreement

A mini-competition or direct purchase from a pre-established framework agreement.

Contract is suitable for SMEs?

Yes

Contract is suitable for VCSEs?

No

Description

NB: This is a further competition under an existing procurement framework and isnt open to the wider market. This notice is for information only.

Genomics England has a Cyber Security Strategy that commits to improving the cyber security capabilities of our information systems. A detection, response and management solution would provide a significant capability in line with the Cyber Security Strategy.

It is envisaged that a detection and response capability would provide three significant benefits:

1) The ability to detect malicious, suspicious, or anomalous events and behaviours across the whole of the GEL enterprise
2) The ability to review and interpret findings quickly and easily
3) The capability to quickly respond to malicious events with the option to automate standard response to common events

The solution for developing a detection and response capability is expected have the following characteristics. This is not an exhaustive list and should support the required outcome, it is not intended to preclude or favour any specific technology.

2.2.1 Information Entities for Analysis
The solution must be able to analyse data that gives an insight into user and device behaviour within the Genomics England Enterprise Systems (Cloud, On Prem, SAAS, IAAS, PAAS etc.)

2.2.2 User Behaviour Profiling Models
The solution must be able to model data and detect suspicious or 'out of character' behaviour. The solution must not rely solely on being able to recognise 'known bad' events (i.e. signature or rules-based detection).

2.2.3 Reports and Dashboards
The solution must be able to present information that is easy to understand and interpret. The solution must be able to cater for a diverse set of users e.g. analysts, senior management etc.

2.2.4 Deployment options
The solution must be able to cater for the whole Genomics England Enterprise (Cloud, On Prem, SAAS, IAAS, PAAS etc.).

2.2.5 Integrations with Identity Management (e.g. Azure AD, Okta, etc)

2.2.6 Response Capabilities
The solution must enable Genomics England staff to respond to possible security incidents in order to prevent or contain a security breach. As well enabling staff the solution should also have the capability to follow defined 'playbooks' and take automated action when triggered by certain events. This is often referred to as SOAR (Security Orchestration and Response). The key is reducing Genomics England's MTTR (Mean Time to Respond) in managing security incidents.

More information

Previous notice about this procurement

Detection and Response Security Solution

  • Opportunity
  • Published 12 August 2020, last edited 13 August 2020

Links

Additional text

NB: This is a closed further competition under an existing framework therefore isnt open to opportunity to the wider market. The eSourcing Portal link will not provide an open tender to register interest.

About the buyer

Contact name

Paul Nicholson

Address

Dawson Hall, Charterhouse Square
London
EC1M 6BQ
England

Email

paul.nicholson@genomicsengland.co.uk