Awarded to GATEWAY TECHNOLABS UK LTD

Start date: Monday 17 February 2020
Value: £13,000
Company size: SME

Local Pensions Partnership (LPP)

Information & Cyber Security Discovery - To inform business case

21 Incomplete applications

14 SME, 7 large

20 Completed applications

16 SME, 4 large

• Published: Tuesday 26 November 2019
• Deadline for asking questions: Tuesday 3 December 2019 at 11:59pm GMT
• Closing date for applications: Tuesday 10 December 2019 at 11:59pm GMT

Overview

• Summary of the work: To further enhance and improve upon existing information and cyber security capabilities, a discovery phase analysis outcome is required to identify whether the Local Pensions Partnership (LPP) can utilise and benefit from the usage of third party partner 'Security Operations Centre' (SOC) services.
• Latest start date: Thursday 2 January 2020
• Expected contract length: We would expect this outcome to be completed in no more than 2 working months (40 days - maximum)
• Location: London
• Organisation the work is for: Local Pensions Partnership (LPP)
• Budget range: £15,000 (Fixed price)

About the work

• Why the work is being done: To further enhance and improve upon existing information and cyber security capabilities, a discovery phase analysis outcome is required to identify whether the Local Pensions Partnership (LPP) can utilise and benefit from the usage of third party partner 'Security Operations Centre' (SOC) services. Such services would include the full range of SOC services as well as the usage of new and existing digital information and cyber security tools to extend monitoring, detection and response to threats, as well as to take proactive preventative action. The usage of such services would extend LPP's information and cyber security capabilities to a 24/7/365 basis. The content of the analysis would determine the feasibility and provide content to inform a business case.
• Problem to be solved: This outcome will provide a comprehensive documented view of the following:; ; - The information & cyber security SOC requirements within LPP. (which will need to be identified as part of this outcome, and should also cover the required coverage and resource skills that a SOC will provide LPP.); ; - A traceable view of the requirements to what a SOC can provide LPP.; ; - A determination of high level costs (internal v's external).; ; - An understanding of the information & cyber security digital technologies in use within LPP, which would be within the scope of a SOC to monitor.; ; - The benefits of utilising a SOC, as opposed to the current approach in use.; ; - The high level costs of both approaches.; ; - A recommendation on which approach to proceed with.
• Who the users are and what they need to do: The following list is a subset or identified user-stories: ; ; 1) As a security manager, I need to ensure that LPP's IT technologies, data and domain are subject to continuous threat-monitoring.; ; 2) As a security manager,. I need to ensure that pro-active preventative measures are undertaken to protect LPP, based on a changing environment / threat landscape. ; ; 3) As a security manager,, I need to ensure that pro-active and reactive threat detection is occurring on a continuous basis, thereby enabling action to be taken to protect LPP technologies, data and the domain.; ; 4) As a security manager, I need to ensure that LPP's security monitoring is continuously reflective of industry standards, and is subject to continuous improvement.; ; 5) As a security manager, I need to ensure technologies and awareness exists which can identify/resolve any new or existing threats, in order to protect LPP technologies, data and the domain.; ; 6) As a security manager, I need to ensure all threat monitoring, detection, prevention or responses are subject full documentation, in an auditable manner.; ; 7) As a security manager, I need to ensure a cost effective approach to 24/7/365 security threat-monitoring, detection and any response to protect LPP technologies, data and the domain.
• Existing team: LPP's Security Working Group and its membership form the existing team with responsibility for information and cyber security.
• Current phase: Discovery

Work setup

• Address where the work will take place: LPP's Central London Office - Union Street, London, SE1
• Working arrangements: It is envisioned that a supplier would work on-site (to interact and interview key members of LPP's Security Working Group), as well as off-site to document and prepare the analysis.
• Security clearance: All supplier resources should be subject to BPSS clearance at a minimum, which should be undertaken by the supplier prior to commencement of the outcome engagement. ; Additionally, suppliers must adhere to LPP IT policies, which includes the mandatory usage of encryption on devices, with up-to-date A/V & firewall software in-place.

Additional information

• Additional terms and conditions: The contract will utilise the Standard Framework terms and conditions, as well as LPP's standard terms and conditions (where necessary).

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

• Essential skills and experience:
  • Demonstrable experience of delivering a discovery phase analysis within a public sector organisation
  • Demonstrable experience of deliver a discovery phase analysis within a highly regulated organisation.
  • Demonstrable experience of delivering a discovery phase analysis within a financial sector organisation
  • Demonstrable experience of analysing information and cyber security requirements within a financial sector organisation
  • Demonstrable experience of utilising the services of a security operations centre within a customers organisation.
  • Demonstrable understanding of the typical security components and capabilities found within public and private cloud services, as well as IdAM & network technologies
  • Demonstrable understanding of typical security needs within organisations and their technological ecosystems
• Nice-to-have skills and experience:
  • Ability to source all required skillsets to successfully deliver this outcome
  • Demonstrable experience of flexible working

How suppliers will be evaluated

All suppliers will be asked to provide a written proposal.

• How many suppliers to evaluate: 3
• Proposal criteria:
  • A plan for delivery of the outcome in full, including (but not limited to) milestones & phases
  • An understanding of value for money
  • Approach and methodology to deliver this outcome in full
  • How risk will be minimised to ensure delivery of this outcome in full
• Cultural fit criteria:
  • Work as a team with our organisation and other suppliers
  • Take responsibility for their work
  • Challenge the status quo
  • Can work with clients with low technical expertise
• Payment approach: Fixed price
• Additional assessment methods:
  • Reference
  • Presentation
• Evaluation weighting:

  Technical competence

  75%

  Cultural fit

  5%

  Price

  20%

Questions asked by suppliers

• 1. Will bidding on this discount us from bidding on the actual SOC service, should you consider going down this route?: The decision to continue to Alpha and Beta stages will be dependent on the outcome of the Discovery project. We welcome all bids, at all stages, from suppliers who can meet our requirements.
• 2. Is the 15k inclusive of VAT?: No it is not.
• 3. Can you confirm this is outside IR35?: At this time it is understood that this discovery exercise is outside of IR35.
• 4. Our primary consultants are booked in Jan but we have an associate network that we can use which will have the right person, is this something you would be happy with? (we can provide additional support from Head office): As a buyer we are focused on the successful completion of the outcome. It is up to each supplier to determine how they can successfully delivery the outcome, including which resources they utilise.
• 5. What is the expected split between on site and offsite work?: Please refer to the field 'Working arrangements' for an answer to this question.
• 6. Does bidding for the Discovery phase preclude you from being able to deliver the SOC capability, if that is a route chosen by LPP as a result of this exercise?: The decision to continue to Alpha and Beta stages will be dependent on the outcome of the Discovery project. We welcome all bids, at all stages, from suppliers who can meet our requirements.
• 7. Please clarify if by doing this work would we still be able to compete to be the SOC provider.: The decision to continue to Alpha and Beta stages will be dependent on the outcome of the Discovery project. We welcome all bids, at all stages, from suppliers who can meet our requirements.
• 8. What is meant by 'experience of utilising the services of a security operations centre': This relates to a supplier demonstrating to us that they are familiar with (in depth) in the utilisation of the services of a Security Operations Centre within a customers environment, as opposed to only within their own environment.
• 9. What products are within the environment? Vendor name, product name and versions?Number of licensesNumber of LocationsDo you need to comply with anything ie PCI-DSS or any other?Do you operate 24x7Do you have your own data centre’s: In reference to your specific question: We are unable to provide a full list of products, including vendor name and versions, number of licenses, number of locations, in the 100 word response which we are limited to within the Digital Marketplace.; To provide relevant information:; - We are predominantly utilise Microsoft technologies, across four physical 'office; locations, We currently utilise two data-centres, as well as Microsoft's cloud.; We generally operation 8am-8pm, although please note that this outcome covers 24x7x365 security monitoring. We adhere to data compliance as well as being FCA regulated.