--- title: "ScotRail Cyber Security Architecture" ocid: "ocds-r6ebe6-0000730055" canonical_url: "https://d3tenders.com/contract/?ocid=ocds-r6ebe6-0000730055" markdown_url: "https://d3tenders.com/contract/ocds-r6ebe6-0000730055.md" json_url: "https://d3tenders.com/contract/ocds-r6ebe6-0000730055.json" source: "Public Contracts Scotland" current_stage: "Award" buyer: "SCOTRAIL TRAINS LTD" published: "2024-03-25" --- # ScotRail Cyber Security Architecture Buyer: SCOTRAIL TRAINS LTD Current stage: Award OCID: ocds-r6ebe6-0000730055 [View canonical contract page](https://d3tenders.com/contract/?ocid=ocds-r6ebe6-0000730055) [Download OCDS JSON](https://d3tenders.com/contract/ocds-r6ebe6-0000730055.json) ## Summary The ScotRail Trains Ltd has awarded a contract for the ScotRail Cyber Security Architecture project to NCC Group Security Services Limited. The procurement process aimed to modernize the existing IT cyber security architecture, focusing on implementing managed detection and response capability and protecting privileged accounts. The contract was signed on 27th February 2024, and the project included multiple lots, each addressing different cyber security aspects. This tender presents a significant business growth opportunity for companies with expertise in cyber security services. The procurement process, led by ScotRail Trains Ltd, focused on selective procurement using a negotiated procedure with prior call for competition. Businesses in the goods sector, particularly those specializing in cyber security solutions, would find this tender suitable for bidding. The opportunity allows for engagement in a structured procurement process for enhancing ScotRail's cyber security capabilities and requires adherence to specified criteria and deadlines. ## Notice ScotRail Trains Limited (SRT) invites prospective suppliers to participate in this procurement process to become a key partner in supporting the modernisation of the existing IT cyber security architecture. With the following key objectives: Implement 24-7 managed detection and response capability; Provide a seamless protection and management for privileged accounts; Rationalise and/or integrate and mesh cyber security systems together to ensure events are correlated and a view can be taken across multiple systems; Improve ScotRail's ability to prevent cyber security events and breaches; Improve ScotRail's ability to detect cyber security events and breaches; Improve ScotRail's ability to contain cyber security events and breaches; Improve ScotRail's ability to recover from security events and breaches ### Lot Information Privileged Access Management (PAM) ScotRail Trains Limited (SRT) invites prospective suppliers to participate in this procurement process to become a key partner in supporting the modernisation of the existing IT cyber security architecture. With the following key objectives: Implement 24-7 managed detection and response capability; Provide a seamless protection and management for privileged accounts; Rationalise and/or integrate and mesh cyber security systems together to ensure events are correlated and a view can be taken across multiple systems; Improve ScotRail's ability to prevent cyber security events and breaches; Improve ScotRail's ability to detect cyber security events and breaches; Improve ScotRail's ability to contain cyber security events and breaches; Improve ScotRail's ability to recover from security events and breaches. The opportunity is split into the following Lots and suppliers are invited to apply for 1 or multiple lots: - Lot 1 - Privileged Access Management (PAM) - Lot 2 - Lot 2 - Security Information and Event Management (SIEM) - Lot 3 - Extended Detection and Response (XDR) - Lot 4 - Endpoint Detection and Response (EDR) - Lot 5 - Managed Detection and Response (MDR) The full business requirements for each Lot are contained in the 'ScotRail Requirements Document - Cyber Security Architecture' which can be accessed through the link to the E-Sourcing portal and clicking on the event for Cyber Security Architecture (https://scotrail.wax-live.com/S2C/DisplayModules/TradeModules/Negotiations/Opportunities/ListEvents.aspx). https://scotrail.wax-live.com/S2C/DisplayModules/TradeModules/Negotiations/Opportunities/ListEvents.aspx Renewal: The proposed contract term is a 3 year initial term, with the option to extend this for a potential further 2 or 4 years, this will be explored and confirmed at the ITN stage. Security Information and Event Management (SIEM) ScotRail Trains Limited (SRT) invites prospective suppliers to participate in this procurement process to become a key partner in supporting the modernisation of the existing IT cyber security architecture. With the following key objectives: Implement 24-7 managed detection and response capability; Provide a seamless protection and management for privileged accounts; Rationalise and/or integrate and mesh cyber security systems together to ensure events are correlated and a view can be taken across multiple systems; Improve ScotRail's ability to prevent cyber security events and breaches; Improve ScotRail's ability to detect cyber security events and breaches; Improve ScotRail's ability to contain cyber security events and breaches; Improve ScotRail's ability to recover from security events and breaches The opportunity is split into the following Lots and suppliers are invited to apply for 1 or multiple lots: - Lot 1 - Privileged Access Management (PAM) - Lot 2 - Lot 2 - Security Information and Event Management (SIEM) - Lot 3 - Extended Detection and Response (XDR) - Lot 4 - Endpoint Detection and Response (EDR) - Lot 5 - Managed Detection and Response (MDR) Renewal: The proposed contract term is a 3 year initial terms, with the option to extend this for a potential further 3 or 4 years, this will be explored and confirmed at the ITN stage. Extended Detection and Response (XDR) ScotRail Trains Limited (SRT) invites prospective suppliers to participate in this procurement process to become a key partner in supporting the modernisation of the existing IT cyber security architecture. With the following key objectives: Implement 24-7 managed detection and response capability; Provide a seamless protection and management for privileged accounts; Rationalise and/or integrate and mesh cyber security systems together to ensure events are correlated and a view can be taken across multiple systems; Improve ScotRail's ability to prevent cyber security events and breaches; Improve ScotRail's ability to detect cyber security events and breaches; Improve ScotRail's ability to contain cyber security events and breaches; Improve ScotRail's ability to recover from security events and breaches The opportunity is split into the following Lots and suppliers are invited to apply for 1 or multiple lots: - Lot 1 - Privileged Access Management (PAM) - Lot 2 - Lot 2 - Security Information and Event Management (SIEM) - Lot 3 - Extended Detection and Response (XDR) - Lot 4 - Endpoint Detection and Response (EDR) - Lot 5 - Managed Detection and Response (MDR) Renewal: The proposed contract term is a 3 year initial terms, with the option to extend this for a potential further 3 or 4 years, this will be explored and confirmed at the ITN stage. Endpoint Detection and Response (EDR) ScotRail Trains Limited (SRT) invites prospective suppliers to participate in this procurement process to become a key partner in supporting the modernisation of the existing IT cyber security architecture. With the following key objectives: Implement 24-7 managed detection and response capability; Provide a seamless protection and management for privileged accounts; Rationalise and/or integrate and mesh cyber security systems together to ensure events are correlated and a view can be taken across multiple systems; Improve ScotRail's ability to prevent cyber security events and breaches; Improve ScotRail's ability to detect cyber security events and breaches; Improve ScotRail's ability to contain cyber security events and breaches; Improve ScotRail's ability to recover from security events and breaches The opportunity is split into the following Lots and suppliers are invited to apply for 1 or multiple lots: - Lot 1 - Privileged Access Management (PAM) - Lot 2 - Lot 2 - Security Information and Event Management (SIEM) - Lot 3 - Extended Detection and Response (XDR) - Lot 4 - Endpoint Detection and Response (EDR) - Lot 5 - Managed Detection and Response (MDR) Renewal: The proposed contract term is a 3 year initial terms, with the option to extend this for a potential further 3 or 4 years, this will be explored and confirmed at the ITN stage. Managed Detection and Response (MDR) ScotRail Trains Limited (SRT) invites prospective suppliers to participate in this procurement process to become a key partner in supporting the modernisation of the existing IT cyber security architecture. With the following key objectives: Implement 24-7 managed detection and response capability; Provide a seamless protection and management for privileged accounts; Rationalise and/or integrate and mesh cyber security systems together to ensure events are correlated and a view can be taken across multiple systems; Improve ScotRail's ability to prevent cyber security events and breaches; Improve ScotRail's ability to detect cyber security events and breaches; Improve ScotRail's ability to contain cyber security events and breaches; Improve ScotRail's ability to recover from security events and breaches The opportunity is split into the following Lots and suppliers are invited to apply for 1 or multiple lots: - Lot 1 - Privileged Access Management (PAM) - Lot 2 - Lot 2 - Security Information and Event Management (SIEM) - Lot 3 - Extended Detection and Response (XDR) - Lot 4 - Endpoint Detection and Response (EDR) - Lot 5 - Managed Detection and Response (MDR) Renewal: The proposed contract term is a 3 year initial terms, with the option to extend this for a potential further 3 or 4 years, this will be explored and confirmed at the ITN stage. ## Key Details | Field | Value | | --- | --- | | Publication source | Public Contracts Scotland | | Latest notice | https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=MAR501670 | | Notice type | OJEU - F6 - Contract Award Notice (Utilities) | | Procurement type | Standard | | Procurement category | Goods | | Procurement method | Selective | | Procurement method details | Negotiated procedure with prior call for competition | | Tender suitability | Not specified | | Awardee scale | Large | | All stages | Tender, Award | ## Dates | Field | Value | | --- | --- | | Publication date | 25 Mar 2024 | | Submission deadline | 24 May 2023 | | Future notice date | Not specified | | Award date | 27 Feb 2024 | | Contract period | Not specified | | Recurrence | Not specified | ## Values | Field | Value | | --- | --- | | Tender value | Not specified | | Lots value | Not specified | | Awards value | Not specified | | Contracts value | Not specified | ## Status | Field | Value | | --- | --- | | Tender status | Complete | | Lots status | Active, Complete | | Awards status | Not specified | | Contracts status | Active | ## Buyer | Field | Value | | --- | --- | | Main buyer | SCOTRAIL TRAINS LTD | | Locality | GLASGOW | | Post town | Not specified | | Postcode | N/A | | Country | Not specified | | ITL 1 | Not specified | | ITL 2 | Not specified | | ITL 3 | Not specified | | Local authority | Not specified | | Electoral ward | Not specified | | Westminster constituency | Not specified | | Delivery location | TLM Scotland | ## Supplier | Field | Value | | --- | --- | | Number of suppliers | 1 | | Supplier names | NCC GROUP SECURITY SERVICES | ## CPV Codes ### Divisions - 48 - Software package and information systems ### Codes - 48000000 - Software package and information systems ## Release History - 25 Mar 2024 at 00:00 - Award - OJEU - F6 - Contract Award Notice (Utilities) - https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=MAR501670 - 21 Apr 2023 at 00:00 - Tender - OJEU - F5 - Contract Notice (Utilities) - https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=APR476869 ## Documents - https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=APR476869 ScotRail Cyber Security Architecture - ScotRail Trains Limited (SRT) invites prospective suppliers to participate in this procurement process to become a key partner in supporting the modernisation of the existing IT cyber security architecture. With the following key objectives: Implement 24-7 managed detection and response capability; Provide a seamless protection and management for privileged accounts; Rationalise and/or integrate and mesh cyber security systems together to ensure events are correlated and a view can be taken across multiple systems; Improve ScotRail's ability to prevent cyber security events and breaches; Improve ScotRail's ability to detect cyber security events and breaches; Improve ScotRail's ability to contain cyber security events and breaches; Improve ScotRail's ability to recover from security events and breaches - https://www.publiccontractsscotland.gov.uk/search/show/search_view.aspx?ID=MAR501670 ScotRail Cyber Security Architecture - ScotRail Trains Limited (SRT) invites prospective suppliers to participate in this procurement process to become a key partner in supporting the modernisation of the existing IT cyber security architecture. With the following key objectives: Implement 24-7 managed detection and response capability; Provide a seamless protection and management for privileged accounts; Rationalise and/or integrate and mesh cyber security systems together to ensure events are correlated and a view can be taken across multiple systems; Improve ScotRail's ability to prevent cyber security events and breaches; Improve ScotRail's ability to detect cyber security events and breaches; Improve ScotRail's ability to contain cyber security events and breaches; Improve ScotRail's ability to recover from security events and breaches ## Notice URLs - http:// - https://api.publiccontractsscotland.gov.uk/v1/Notice?id=ocds-r6ebe6-0000730055 - https://scotrail.wax-live.com/S2C/DisplayModules/TradeModules/Negotiations/Opportunities/ListEvents.aspx - https://www.scotrail.co.uk/ ## Provenance This Markdown file is an alternate public rendering of the D3 Tenders contract record. The canonical page is https://d3tenders.com/contract/?ocid=ocds-r6ebe6-0000730055. The underlying structured data is available as OCDS JSON at https://d3tenders.com/contract/ocds-r6ebe6-0000730055.json.