Notice Information
Notice Title
SIEM / SOAR / TIP Technologies (Global)
Notice Description
National Grid's Security Team is seeking to select a strategic partner to provide one or all of the below capabilities:
* SIEM (Security Information and Event Management)
* SOAR (Security Orchestration, Automation, and Response)
* TIP (Threat Intelligence Platform)
National Grid welcomes interested parties who lead in the above-listed areas to register their interest regarding this tender opportunity. Please note that this tender will consist of 3 lots. Suppliers may choose to bid for any number of lots.
Lot Information
SIEM (Security Information and Event Management) Technology
National Grid security team operates a 24*7*365 Cyber Security Operation Centre (CSOC) that monitors our estate for malicious, suspicious, or anomalous behavior and responds appropriately to ensure the consistency of services National Grid provides. SIEM / SOAR / TIP technologies are the cornerstone of an effective Security Operations organization. The successful solution will demonstrate the below:
SIEM
* Comprehensive log collection - The SIEM solution should be able to collect logs from all relevant sources. This includes servers, databases, network devices, end user devices, and applications.
* Alerting and Reporting - The SIEM solution should provide a catalog of alerts and reports out of the box that can be modified and tuned to meet the needs of National Grid.
* Advanced Analytics - The SIEM solution should have advanced analytic capabilities such as behavioral analytics (UEBA) and machine learning to detect anomalous activity and potential threats.
* Real-time (or near real-time) monitoring - The SIEM solution should be able to provide real-time monitoring to ensure security events are detected quickly.
* Integration - The SIEM solution should integrate with other industry-standard security tools to provide a complete view of the internal security landscape.
* Scalability - The solution should be able to scale up and down as required by the organizational needs of National Grid.
* Support - National Grid should have access to a 24/7/365 vendor support team to assist with any service issues. Vendor-provided training and certification should be available to all applicable National Grid staff.
* Usability - The solution should be user-friendly and intuitive to configure and manage. It should allow teams to easily drill down into specific data points for more detailed analysis.
Additional information: Technical & Delivery Considerations
Due to the strictly regulated industries National Grid operate in, we have a strong preference towards vendors who can provide a hybrid architecture whereby infrastructure is split between on-premise and cloud. The required solution will integrate with internal IT infrastructure and external vendors of National Grid. Vendors will be expected to demonstrate how they can effectively integrate with other tooling in the environment. In addition to the software and hosting service, we will be looking for a robust plan around the operations support models available.
SOAR (Security Orchestration, Automation and Response) Technology
National Grid security team operates a 24*7*365 Cyber Security Operation Centre (CSOC) that monitors our estate for malicious, suspicious, or anomalous behavior and responds appropriately to ensure the consistency of services National Grid provides. SIEM / SOAR / TIP technologies are the cornerstone of an effective Security Operations organization. The successful solution will demonstrate the below:
SOAR
* Comprehensive integration - The SOAR solution should integrate with the internal and external tooling for automated enrichment and response.
* Automation - The SOAR solution should contain a repository of playbooks that can be used to accelerate the adoption of the platform.
* Case Management - The SOAR Platform should provide a centralized incident management console that allows for end-to-end incident management.
* Analytics and reporting - The SOAR solution should provide advanced analytics and reporting allowing National Grid to track key metrics, identify trends and gain insights into security operations.
* Scalability - The solution should be able to scale up and down as required by the organizational needs of National Grid.
* Support - National Grid should have access to a 24/7/365 vendor support team to assist with any service issues. Vendor-provided training and certification should be available to all applicable National Grid staff.
* Usability - The solution should be user-friendly and intuitive to configure and manage. It should allow teams to easily drill down into specific data points for more detailed analysis.
Additional information: Technical & Delivery Considerations
Due to the strictly regulated industries National Grid operate in, we have a strong preference towards vendors who can provide a hybrid architecture whereby infrastructure is split between on-premise and cloud. The required solution will integrate with internal IT infrastructure and external vendors of National Grid. Vendors will be expected to demonstrate how they can effectively integrate with other tooling in the environment. In addition to the software and hosting service, we will be looking for a robust plan around the operations support models available.
TIP (Threat Intelligence Platform) Technology
National Grid security team operates a 24*7*365 Cyber Security Operation Centre (CSOC) that monitors our estate for malicious, suspicious, or anomalous behavior and responds appropriately to ensure the consistency of services National Grid provides. SIEM / SOAR / TIP technologies are the cornerstone of an effective Security Operations organization. The successful solution will demonstrate the below:
TIP
* Comprehensive source integrations - The TIP should be able to take threat feeds from a variety of sources including open source and paid threat feeds, internal security tooling, and manual submissions from internal teams.
* Advanced Analytics - The TIP solution should be able to analyse ingested threat data to identify patterns and trends, allowing National Grid to gain insights into the nature of threats targeting the organization.
* Usability - The TIP solution should be user-friendly and intuitive to configure and manage.
* Reporting - The TIP solution should provide customizable dashboards and reports that allow users to drill down into specific data points.
* Scalability - The solution should be able to scale up and down as required by the organizational needs of National Grid.
* Support - National Grid should have access to a 24/7/365 vendor support team to assist with any service issues. Vendor-provided training and certification should be available to all applicable National Grid staff.
* Usability - The solution should be user-friendly and intuitive to configure and manage. It should allow teams to easily drill down into specific data points for more detailed analysis.
Additional information:
Due to the strictly regulated industries National Grid operate in, we have a strong preference towards vendors who can provide a hybrid architecture whereby infrastructure is split between on-premise and cloud. The required solution will integrate with internal IT infrastructure and external vendors of National Grid. Vendors will be expected to demonstrate how they can effectively integrate with other tooling in the environment. In addition to the software and hosting service, we will be looking for a robust plan around the operations support models available.
Notice Details
Publication & Lifecycle
- Open Contracting ID
- ocds-h6vhtk-03b2ff
- Publication Source
- Find A Tender Service
- Latest Notice
- https://www.find-tender.service.gov.uk/Notice/008770-2023
- Current Stage
- Tender
- All Stages
- Planning, Tender
Procurement Classification
- Notice Type
- Planning Notice
- Procurement Type
- Standard
- Procurement Category
- Goods
- Procurement Method
- Not Specified
- Procurement Method Details
- Not specified
- Tender Suitability
- Not specified
- Awardee Scale
- Not specified
Common Procurement Vocabulary (CPV)
- CPV Divisions
- 48 - Software package and information systems
- CPV Codes
- 48730000 - Security software package
Notice Value(s)
- Tender Value
- £15,000,000 £10M-£100M
- Lots Value
- Not specified
- Awards Value
- Not specified
- Contracts Value
- Not specified
Notice Dates
- Publication Date
- 27 Mar 2023
- Submission Deadline
- 7 Apr 2023 (Expired)
- Future Notice Date
- 9 Apr 2023 (Expired)
- Award Date
- Not specified
- Contract Period
- Not specified - Not specified
- Recurrence
- Not specified
Notice Status
- Tender Status
- Planned
- Lots Status
- Planned
- Awards Status
- Not Specified
- Contracts Status
- Not Specified
Buyer & Supplier
Contracting Authority (Buyer)
- Main Buyer
- NATIONAL GRID UK LIMITED
- Contact Name
- Cora Russell
- Contact Email
- cora.russell@nationgrid.com
- Contact Phone
- Not specified
Buyer Location
- Locality
- LONDON
- Postcode
- WC2N 5EH
- Post Town
- Central London
- Country
- England
- Major Region (ITL 1)
- TLI London
- Basic Region (ITL 2)
- TLI3 Inner London - West
- Small Region (ITL 3)
- TLI35 Westminster and City of London
- Delivery Location
- Not specified
- Local Authority
- Westminster
- Electoral Ward
- St James's
- Westminster Constituency
- Cities of London and Westminster
Further Information
Open Contracting Data Standard (OCDS)
The Open Contracting Data Standard (OCDS) is a framework designed to increase transparency and access to public procurement data in the public sector. It is widely used by governments and organisations worldwide to report on procurement processes and contracts.
{
"tag": [
"compiled"
],
"id": "ocds-h6vhtk-03b2ff-2023-03-27T09:56:30+01:00",
"date": "2023-03-27T09:56:30+01:00",
"ocid": "ocds-h6vhtk-03b2ff",
"description": "Indicative Tender Timelines To support the resource and planning of interested parties National Grid has outlined an indicative timetable below. Please note this is not binding and subject to change. 1. PIN Issued: Wednesday 15th March 2023 2. PIN Closed: Friday 7th April 2023 3. PQQ Issued: Monday 17th April 2023 4. PQQ Closed: Friday 5th May 2023 5. RFP Issued: Monday 15th May 2023 6. RFP Closed: Friday 9th June 2023 7. Contract Award: Friday 15th September 2023 Pre-request to be eligible to participate In order to participate in this tender, you must be registered on the Achilles UVDB system. UVDB is used to pre-qualify our suppliers to ensure they meet the minimum legal and regulatory requirements in order to contract with National Grid . UVDB is the utility industry pre-qualification system used by the utilities sector in the UK to manage risk within the supply chain and comply with EU regulations. Joining UVDB as a supplier provides your organisation with an opportunity to showcase your capabilities and access multiple contract opportunities by completing a single pre-qualification questionnaire (PQQ). UVDB is used by many utility buyer organisations. If you are already registered with UVDB you only need to ensure that you are registered under UVDB code 1.5.8.17 Software - (Safety, Health, Environment, and Security) If you are not currently registered this can be done by registering at: https://www.achilles.com/community/uvdb/ You will then need to register under UVDB code 1.5.8.17 Software - (Safety, Health, Environment, and Security) If you require any further information regarding this registration, please contact: Samuel Lloyd-Jones (samuel.lloydjones@achilles.com) who can support any issues with completion of your registration process on Achilles ahead of the qualification event commencing in mid April 2023. 
Further to the enclosed PIN, please indicate your expression of interest and confirmation of which Lot you would be interested in ( please note this is just for information purposes and will not exclude you from any lots in the future ) also confirm that you are or will be registering on Achilles UVDB against code 1.5.8.17 Software - (Safety, Health, Environment, and Security). emailing: cora.russell@nationalgrid.com",
"initiationType": "tender",
"tender": {
"id": "ocds-h6vhtk-03b2ff",
"legalBasis": {
"id": "32014L0025",
"scheme": "CELEX"
},
"title": "SIEM / SOAR / TIP Technologies (Global)",
"status": "planned",
"classification": {
"scheme": "CPV",
"id": "48730000",
"description": "Security software package"
},
"mainProcurementCategory": "goods",
"description": "National Grid's Security Team is seeking to select a strategic partner to provide one or all of the below capabilities: * SIEM (Security Information and Event Management) * SOAR (Security Orchestration, Automation, and Response) * TIP (Threat Intelligence Platform) National Grid welcomes interested parties who lead in the above-listed areas to register their interest regarding this tender opportunity. Please note that this tender will consist of 3 lots. Suppliers may choose to bid for any number of lots.",
"value": {
"amount": 15000000,
"currency": "GBP"
},
"lotDetails": {
"maximumLotsAwardedPerSupplier": 3,
"awardCriteriaDetails": "The full and final scope of each lot has yet to be fully approved but a high-level scope has been provided to help you determine if you have the capabilities"
},
"lots": [
{
"id": "1",
"title": "SIEM (Security Information and Event Management)Technology",
"description": "National Grid security team operates a 24*7*365 Cyber Security Operation Centre (CSOC) that monitors our estate for malicious, suspicious, or anomalous behavior and responds appropriately to ensure the consistency of services National Grid provides. SIEM / SOAR / TIP technologies are the cornerstone of an effective Security Operations organization. The successful solution will demonstrate the below: SIEM * Comprehensive log collection - The SIEM solution should be able to collect logs from all relevant sources. This includes servers, databases, network devices, end user devices, and applications. * Alerting and Reporting - The SIEM solution should provide a catalog of alerts and reports out of the box that can be modified and tuned to meet the needs of National Gird. * Advanced Analytics - The SIEM solution should have advanced analytic capabilities such as behavioral analytics (UEBA) and machine learning to detect anomalous activity and potential threats. * Real-time (or near real-time) monitoring - The SIEM solution should be able to provide real-time monitoring to ensure security events are detected quickly. * Integration - The SIEM solution should integrate with other industry-standard security tools to provide a complete view of the internal security landscape. * Scalability - The solution should be able to scale up and down as required by the organizational needs of National Grid. * Support - National Grid should have access to a 24/7/365 vendor support team to assist with any service issues. Vendor-provided training and certification should be available to all applicable National Grid staff. * Usability - The solution should be user-friendly and initiative to configure and manage. It should allow teams to easily drill down into specific data points for more detailed analysis. 
Additional information: Technical & Delivery Considerations Due to the strictly regulated industries National Grid operate in, we have a strong preference towards vendors who can provide a hybrid architecture whereby infrastructure is split between on-premise and cloud. The required solution will integrate with internal IT infrastructure and external vendors of National Grid. Vendors will be expected to demonstrate how they can effectively integrate with other tooling in the environment. In addition to the software and hosting service, we will be looking for a robust plan around the operations support models available.",
"status": "planned"
},
{
"id": "2",
"title": "SOAR (Security Orchestration, Automation and Response)Technology",
"description": "National Grid security team operates a 24*7*365 Cyber Security Operation Centre (CSOC) that monitors our estate for malicious, suspicious, or anomalous behavior and responds appropriately to ensure the consistency of services National Grid provides. SIEM / SOAR / TIP technologies are the cornerstone of an effective Security Operations organization. The successful solution will demonstrate the below: SOAR * Comprehensive integration - The SOAR solution should integrate with the internal and external tooling for automated enrichment and response * Automation - The SOAR solution should contain a repository of playbooks that can be used to accelerate the adoption of the platform * Case Management - The SOAR Platform should provide a centralized incident management console that allows for end-to-end incident management. * Analytics and reporting - The SOAR solution should provide advanced analytics and reporting allowing National Grid to track key metrics, identify trends and gain insights into security operations. * Scalability - The solution should be able to scale up and down as required by the organizational needs of National Grid. * Support - National Grid should have access to a 24/7/365 vendor support team to assist with any service issues. Vendor-provided training and certification should be available to all applicable National Grid staff. * Usability - The solution should be user-friendly and initiative to configure and manage. It should allow teams to easily drill down into specific data points for more detailed analysis. Additional information: Technical & Delivery Considerations Due to the strictly regulated industries National Grid operate in, we have a strong preference towards vendors who can provide a hybrid architecture whereby infrastructure is split between on-premise and cloud. The required solution will integrate with internal IT infrastructure and external vendors of National Grid. 
Vendors will be expected to demonstrate how they can effectively integrate with other tooling in the environment. In addition to the software and hosting service, we will be looking for a robust plan around the operations support models available.",
"status": "planned"
},
{
"id": "3",
"title": "TIP (Threat Intelligence Platform)Technology",
"description": "National Grid security team operates a 24*7*365 Cyber Security Operation Centre (CSOC) that monitors our estate for malicious, suspicious, or anomalous behavior and responds appropriately to ensure the consistency of services National Grid provides. SIEM / SOAR / TIP technologies are the cornerstone of an effective Security Operations organization. The successful solution will demonstrate the below TIP * Comprehensive source integrations - The TIP should be able to take threat feeds from a variety of sources including open source and paid threat feeds, internal security tooling, and manual submissions from internal teams. * Advanced Analytics - The TIP solution should be able to analyse ingested threat data to identify patterns and trends, allowing National Grid to gain insights into the nature of threats targeting the organization. * Usability - The TIP solution should be user-friendly and initiative to configure and manage. * Reporting - The TIP solution should provide customizable dashboards and reports that allow users to drill down into specific data points. * Scalability - The solution should be able to scale up and down as required by the organizational needs of National Grid. * Support - National Grid should have access to a 24/7/365 vendor support team to assist with any service issues. Vendor-provided training and certification should be available to all applicable National Grid staff. * Usability - The solution should be user-friendly and initiative to configure and manage. It should allow teams to easily drill down into specific data points for more detailed analysis. Additional information: Due to the strictly regulated industries National Grid operate in, we have a strong preference towards vendors who can provide a hybrid architecture whereby infrastructure is split between on-premise and cloud. The required solution will integrate with internal IT infrastructure and external vendors of National Grid. 
Vendors will be expected to demonstrate how they can effectively integrate with other tooling in the environment. In addition to the software and hosting service, we will be looking for a robust plan around the operations support models available.",
"status": "planned"
}
],
"items": [
{
"id": "1",
"additionalClassifications": [
{
"scheme": "CPV",
"id": "48730000",
"description": "Security software package"
}
],
"deliveryAddresses": [
{
"region": "UK"
},
{
"region": "US"
}
],
"relatedLot": "1"
},
{
"id": "2",
"additionalClassifications": [
{
"scheme": "CPV",
"id": "48730000",
"description": "Security software package"
}
],
"deliveryAddresses": [
{
"region": "UK"
},
{
"region": "US"
}
],
"relatedLot": "2"
},
{
"id": "3",
"additionalClassifications": [
{
"scheme": "CPV",
"id": "48730000",
"description": "Security software package"
}
],
"deliveryAddresses": [
{
"region": "UK"
},
{
"region": "US"
}
],
"relatedLot": "3"
}
],
"communication": {
"futureNoticeDate": "2023-04-10T00:00:00+01:00"
},
"tenderPeriod": {
"endDate": "2023-04-07"
},
"submissionTerms": {
"languages": [
"en"
]
},
"amendments": [
{
"id": "1",
"description": "Please note the Achilles' contact is Desta Wheeler desta.wheeler@achilles.com"
}
]
},
"parties": [
{
"id": "GB-COH-04508773",
"name": "NATIONAL GRID UK LIMITED",
"identifier": {
"legalName": "NATIONAL GRID UK LIMITED",
"id": "04508773",
"scheme": "GB-COH"
},
"address": {
"streetAddress": "Grand Buildings,1-3 Strand",
"locality": "LONDON",
"region": "UK",
"postalCode": "WC2N5EH",
"countryName": "United Kingdom"
},
"contactPoint": {
"name": "Cora Russell",
"email": "cora.russell@nationgrid.com"
},
"roles": [
"buyer"
],
"details": {
"url": "http://www.nationalgrid.com",
"classifications": [
{
"scheme": "TED_CE_ACTIVITY",
"id": "ELECTRICITY",
"description": "Electricity"
}
]
}
},
{
"id": "GB-COH-45688",
"name": "NATIONAL GRID UK LIMITED",
"identifier": {
"legalName": "NATIONAL GRID UK LIMITED",
"id": "45688",
"scheme": "GB-COH"
},
"address": {
"streetAddress": "Grand Buildings,1-3 Strand",
"locality": "LONDON",
"region": "UK",
"postalCode": "WC2N5EH",
"countryName": "United Kingdom"
},
"contactPoint": {
"name": "Cora Russell",
"email": "cora.russell@nationgrid.com"
},
"roles": [
"buyer"
],
"details": {
"url": "http://www.nationalgrid.com"
}
}
],
"buyer": {
"id": "GB-COH-45688",
"name": "NATIONAL GRID UK LIMITED"
},
"language": "en"
}