Planning

Provision of Security Operations Centre Managed Service: Prior Information Notice

CROWN PROSECUTION SERVICE

This public procurement record has 1 release in its history.

Planning

14 Aug 2023 at 15:33

Planning Notice
Summary of the contracting process

The Crown Prosecution Service is planning a procurement process titled "Provision of Security Operations Centre Managed Service: Prior Information Notice". This procurement falls under the services category and aims to secure a Security Operations Centre (SOC) service. The SOC provider will need to manage a SIEM solution, provide cyber threat intelligence, handle incident response, ensure compliance, and offer capability integration. The planned communication of future details for this tender is set for January 31, 2024, enabling interested suppliers to engage.

This opportunity allows businesses specializing in security services, IT services, and cyber threat intelligence to compete. Companies with expertise in providing 24/7 security services, incident response, compliance management, and cybersecurity capabilities will find this tender suitable. The Crown Prosecution Service as the buying organization is focusing on modernizing its approach to SOC service provision and seeks innovative solutions from potential suppliers to enhance their security capabilities.

Find more tenders on our Open Data Platform.
How relevant is this notice?

D3 Tenders Premium

Win More Public Sector Contracts

AI-powered tender discovery, pipeline management, and market intelligence — everything you need to grow your public sector business.

Start Free Trial Book a Demo
All Features Pricing

Notice Information

Notice Title

Provision of Security Operations Centre Managed Service: Prior Information Notice

Notice Description

Provision of Security Operations Centre Managed Service Requirement: Prior Information Notice. The Crown Prosecution Service (CPS) has a security function within the Digital and Information Directorate (DID), delivering a professional approach and striving for Security Excellence in the provision of all IT services. Whilst the Security team is internal, the CPS is seeking to procure a Security Operations Centre (SOC) service. The Security Operations Centre is a key service for the CPS, and it is critical that any supplier delivering this service understands the nature of the business, the key role that the CPS plays within the Criminal Justice System and the need for a full 24 x 7 x 365 security service, as there are services available outside office hours.

Lot Information

Lot 1

Prior Information Notice for Provision of a Security Operations Centre (SOC) Service: The Crown Prosecution Service (CPS) has a security function within the Digital and Information Directorate (DID), delivering a professional approach and striving for Security Excellence in the provision of all IT services. Whilst the Security team is internal, the CPS is seeking to procure a Security Operations Centre (SOC) service. The Security Operations Centre is a key service for the CPS, and it is critical that any supplier delivering this service understands the nature of the business, the key role that the CPS plays within the Criminal Justice System and the need for a full 24 x 7 x 365 security service, as there are services available outside office hours. The CPS plans to (separately) procure a SIEM tool and is looking for a SOC provider to complement its cyber defensive capabilities in providing: * Managing the CPS SIEM solution, including: o Onboarding / removal of SIEM feeds and/or configuration of SIEM tool o Creating customised alerts o 24x7x365 monitoring of alerts, including analysing alerts to detect threats and configuration of security orchestration, automation and response. * Provide cyber threat Intelligence, including: o Threat Intel - Identify, Investigate and hunt for cyber threats to gain insight into attacker behaviour, infrastructure, motives and IOCs'. o Vulnerability Intelligence - identify vulnerabilities that pose the most risk to their organisation, reducing downtime, and preventing attacks. o Supply chain intelligence - monitor the CPS's supply chain o Brand intelligence - provide analytical insights to proactively defend against new and emerging threats to your brand, products, employees, executives, and suppliers. * Capability integration - continually improve the detection capabilities of the SIEM by learning from cyber threat intelligence and incidents. * Incident response, including: o Work according to agreed incident response processes, playbooks with the customer. o Identify, analyse, contain and eradicate, recover (see below) and review incidents. o Provide Forensic analysis / forensic evidence gathering as required (preferably NCSC certified) * Compliance Management - help ensure that applications, security tools and processes comply with privacy regulations, namely Data Protection Act. The SOC provider will be expected to record incidents in the CPS ITSM tool to automate the production of incident management information. The SOC provider will also be required to assist with the trending of incidents and attend operational level meetings with the CPS and other suppliers as required. At this stage, the CPS is seeking to engage with the supply market as part of an information-gathering exercise to understand how suppliers might approach the provision of the services outline above, particularly with regard to any developments in SIEM / SOC delivery and innovation. Suppliers who wish to express their interest in this potential opportunity should do so via the contact details contained within the notice and present their observations on how the requirements within this Prior Information Notice could be fulfilled. This may take any format and should cover the following areas per as minimum: * Observations / Comments on the customer requirements, particularly the feasibility of adding forensic analysis and NCSC certified Cyber Incident Responder retainer capability to the requirements. * how the provision of the SOC service has been modernised in recent years * approach to ensure Service Excellence * Recommendation for SIEM tool(s) and reasons.

Notice Details

Publication & Lifecycle

Open Contracting ID
ocds-h6vhtk-03efa8
Publication Source
Find A Tender Service
Latest Notice
https://www.find-tender.service.gov.uk/Notice/023779-2023
Current Stage
Planning
All Stages
Planning

Procurement Classification

Notice Type
Planning Notice
Procurement Type
Standard
Procurement Category
Services
Procurement Method
Not Specified
Procurement Method Details
Not specified
Tender Suitability
Not specified
Awardee Scale
Not specified

Common Procurement Vocabulary (CPV)

CPV Divisions

72 - IT services: consulting, software development, Internet and support

CPV Codes

72250000 - System and support services

Notice Value(s)

Tender Value
Not specified
Lots Value
Not specified
Awards Value
Not specified
Contracts Value
Not specified

Notice Dates

Publication Date
14 Aug 20232 years ago
Submission Deadline
Not specified
Future Notice Date
31 Jan 2024Expired
Award Date
Not specified
Contract Period
Not specified - Not specified
Recurrence
Not specified

Notice Status

Tender Status
Planned
Lots Status
Planned
Awards Status
Not Specified
Contracts Status
Not Specified

Buyer & Supplier

Contracting Authority (Buyer)

Main Buyer
CROWN PROSECUTION SERVICE
Contact Name
Patience Arinaitwe
Contact Email
patience.arinaitwe@cps.gov.uk
Contact Phone
Not specified

Buyer Location

Locality
LONDON
Postcode
SW1H 9EA
Post Town
South West London
Country
England
Major Region (ITL 1)
TLI London
Basic Region (ITL 2)
TLI3 Inner London - West
Small Region (ITL 3)
TLI35 Westminster and City of London
Delivery Location
TLI London
Local Authority
Westminster
Electoral Ward
St James's
Westminster Constituency
Cities of London and Westminster

Further Information

Open Contracting Data Standard (OCDS)

View full OCDS Record for this contracting process

Download

The Open Contracting Data Standard (OCDS) is a framework designed to increase transparency and access to public procurement data in the public sector. It is widely used by governments and organisations worldwide to report on procurement processes and contracts. 

{
    "tag": [
        "compiled"
    ],
    "id": "ocds-h6vhtk-03efa8-2023-08-14T16:33:10+01:00",
    "date": "2023-08-14T16:33:10+01:00",
    "ocid": "ocds-h6vhtk-03efa8",
    "initiationType": "tender",
    "tender": {
        "id": "ocds-h6vhtk-03efa8",
        "legalBasis": {
            "id": "32014L0024",
            "scheme": "CELEX"
        },
        "title": "Provision of Security Operations Centre Managed Service: Prior Information Notice",
        "status": "planned",
        "classification": {
            "scheme": "CPV",
            "id": "72250000",
            "description": "System and support services"
        },
        "mainProcurementCategory": "services",
        "description": "Provision of Security Operations Centre Managed Service Requirement: Prior Information Notice. The Crown Prosecution Service (CPS) has a security function within the Digital and Information Directorate (DID), delivering a professional approach and striving for Security Excellence in the provision of all IT services. Whilst the Security team is internal, the CPS is seeking to procure a Security Operations Centre (SOC) service. The Security Operations Centre is a key service for the CPS, and it is critical that any supplier delivering this service understands the nature of the business, the key role that the CPS plays within the Criminal Justice System and the need for a full 24 x 7 x 365 security service, as there are services available outside office hours.",
        "lots": [
            {
                "id": "1",
                "description": "Prior Information Notice for Provision of a Security Operations Centre (SOC) Service: The Crown Prosecution Service (CPS) has a security function within the Digital and Information Directorate (DID), delivering a professional approach and striving for Security Excellence in the provision of all IT services. Whilst the Security team is internal, the CPS is seeking to procure a Security Operations Centre (SOC) service. The Security Operations Centre is a key service for the CPS, and it is critical that any supplier delivering this service understands the nature of the business, the key role that the CPS plays within the Criminal Justice System and the need for a full 24 x 7 x 365 security service, as there are services available outside office hours. The CPS plans to (separately) procure a SIEM tool and is looking for a SOC provider to complement its cyber defensive capabilities in providing: * Managing the CPS SIEM solution, including: o Onboarding / removal of SIEM feeds and/or configuration of SIEM tool o Creating customised alerts o 24x7x365 monitoring of alerts, including analysing alerts to detect threats and configuration of security orchestration, automation and response. * Provide cyber threat Intelligence, including: o Threat Intel - Identify, Investigate and hunt for cyber threats to gain insight into attacker behaviour, infrastructure, motives and IOCs'. o Vulnerability Intelligence - identify vulnerabilities that pose the most risk to their organisation, reducing downtime, and preventing attacks. o Supply chain intelligence - monitor the CPS's supply chain o Brand intelligence - provide analytical insights to proactively defend against new and emerging threats to your brand, products, employees, executives, and suppliers. * Capability integration - continually improve the detection capabilities of the SIEM by learning from cyber threat intelligence and incidents. * Incident response, including: o Work according to agreed incident response processes, playbooks with the customer. o Identify, analyse, contain and eradicate, recover (see below) and review incidents. o Provide Forensic analysis / forensic evidence gathering as required (preferably NCSC certified) * Compliance Management - help ensure that applications, security tools and processes comply with privacy regulations, namely Data Protection Act. The SOC provider will be expected to record incidents in the CPS ITSM tool to automate the production of incident management information. The SOC provider will also be required to assist with the trending of incidents and attend operational level meetings with the CPS and other suppliers as required. At this stage, the CPS is seeking to engage with the supply market as part of an information-gathering exercise to understand how suppliers might approach the provision of the services outline above, particularly with regard to any developments in SIEM / SOC delivery and innovation. Suppliers who wish to express their interest in this potential opportunity should do so via the contact details contained within the notice and present their observations on how the requirements within this Prior Information Notice could be fulfilled. This may take any format and should cover the following areas per as minimum: * Observations / Comments on the customer requirements, particularly the feasibility of adding forensic analysis and NCSC certified Cyber Incident Responder retainer capability to the requirements. * how the provision of the SOC service has been modernised in recent years * approach to ensure Service Excellence * Recommendation for SIEM tool(s) and reasons.",
                "status": "planned"
            }
        ],
        "items": [
            {
                "id": "1",
                "additionalClassifications": [
                    {
                        "scheme": "CPV",
                        "id": "72250000",
                        "description": "System and support services"
                    }
                ],
                "deliveryAddresses": [
                    {
                        "region": "UKI"
                    }
                ],
                "relatedLot": "1"
            }
        ],
        "communication": {
            "futureNoticeDate": "2024-01-31T00:00:00Z"
        }
    },
    "parties": [
        {
            "id": "GB-FTS-90184",
            "name": "Crown Prosecution Service",
            "identifier": {
                "legalName": "Crown Prosecution Service",
                "noIdentifierRationale": "notOnAnyRegister"
            },
            "address": {
                "streetAddress": "102 Petty France",
                "locality": "LONDON",
                "region": "UKI3",
                "postalCode": "SW1H 9EA",
                "countryName": "United Kingdom"
            },
            "contactPoint": {
                "name": "Patience Arinaitwe",
                "email": "patience.arinaitwe@cps.gov.uk"
            },
            "roles": [
                "buyer"
            ],
            "details": {
                "url": "https://www.cps.gov.uk",
                "classifications": [
                    {
                        "scheme": "TED_CA_TYPE",
                        "id": "MINISTRY",
                        "description": "Ministry or any other national or federal authority, including their regional or local subdivisions"
                    },
                    {
                        "scheme": "COFOG",
                        "description": "Security Operations Centre Managed Service"
                    }
                ]
            }
        }
    ],
    "buyer": {
        "id": "GB-FTS-90184",
        "name": "Crown Prosecution Service"
    },
    "language": "en"
}