Awarded to Security Alliance Limited

Start date: Tuesday 5 December 2017
Value: £53,800
Company size: SME

Government Digital Service (GDS), part of Cabinet Office

WP1490a(re-issued): Threat Intelligence for GOV.UK

2 Incomplete applications

1 SME, 1 large

4 Completed applications

1 SME, 3 large

• Published: Thursday 19 October 2017
• Deadline for asking questions: Thursday 26 October 2017 at 11:59pm GMT
• Closing date for applications: Thursday 2 November 2017 at 11:59pm GMT

Overview

• Summary of the work: GOV.UK will be undergoing a penetration test. GDS are seeking a CBEST approved supplier to provide Threat Intelligence information under the GBEST security assessment framework.
• Latest start date: Monday 4 December 2017
• Location: London
• Organisation the work is for: Government Digital Service (GDS), part of Cabinet Office
• Budget range: £40k - £60k

About the work

• Why the work is being done: GOV.UK is the website for the UK government. It’s the best place to find government services and information.; ; The site is maintained by the Government Digital Service (GDS).; ; GOV.UK will be undergoing a penetration test. GDS are seeking a CBEST approved supplier to provide Threat Intelligence information under the GBEST security assessment framework.; ; The GBEST framework aligns itself to that of CBEST and is split into 4 phases. This tender concerns itself with Phase 2, for the provision of Threat Intelligence, ahead of Penetration Testing in Phase 3 (procured separately).
• Problem to be solved: The provider is expected to supply a summary of key threats to the functioning of GOV.UK, detailing the highest scoring threats to be prioritised by the Penetration Testers.; ; Reports are expected to be the standard of CBEST, prioritising risks to address in Phase 3 Penetration Test.; ; Expected outputs:; Threat Modelling; Threat Intelligence Plan ; Targeting/TI Reports (Draft), Test Plan (Draft) ; Targeting/TI Reports ; Intelligence Assessment; ; The work should be completed by mid-February, but the TI provider is expected to remain available to answer questions from the Penetration Testers (Phase 3). We expect the Penetration Test will be complete by latest end April.
• Who the users are and what they need to do: As a member of the public ; I need to be confident in GOV.UK; So that I can rely on the information provided; ; As a Government Publisher; I need to trust GOV.UK; So that I can be confident that our content is secure and accurate
• Early market engagement: Crown Commercial Services informed the marketplace of the launch of the GBEST pilot scheme in September and October. Whereby 2 departments intend to go out to tender for the provision of CBEST approved Threat Intelligence via the Digital Outcomes and Specialist framework 2
• Any work that’s already been done: n/a
• Existing team: Technical Architect and Delivery Manager
• Current phase: Live

Work setup

• Address where the work will take place: GDS, Whitechapel Building, Whitechapel High Street, E1 and also supplier premises
• Working arrangements: Remote working required, travel potentially required to other gov't departments. The TI provider should check-in once a week with updates on how it is going.
• Security clearance: Baseline Personnel Security Standard (BPSS)

Additional information

• Additional terms and conditions: The provider must share information as laid out in the GBEST Implementation Guide and abide by the GBEST Principles. Any non-disclosure agreements must not hinder the delivery of the scheme, specifically, relevant information should be readily shared between the Threat Intelligence provider, the Penetration Tester and GDS. ; ; All expenses must be pre-agreed between the parties and must comply with the Cabinet Office Travel and Subsistence Policy.; ; All vendors are obliged to provide sufficient guarantees to implement appropriate technical and organisational measures so that the processing meets the requirements of GDPR and ensures the protection of the rights of data subjects.

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

• Essential skills and experience:
  • CBEST approved, CREST certified Threat Intelligence Manager, successfully assessed against CBEST criteria to supply CBEST Threat Intelligence services.
  • Experience with performing Threat Intelligence work for modern, web- and service-based architectures and cloud technologies
  • Experience of agile delivery processes
  • Experience of assisting customers with Threat Modelling

How suppliers will be evaluated

• How many suppliers to evaluate: 3
• Proposal criteria:
  • How will you will deliver the TI within the GBEST framework?
  • What TI processes/framework will you utilise?
  • What TI tooling/resources will you utilise?
  • How will you deliver the output from the TI process?
  • Team structure and skill-sets.
  • Value for money
• Cultural fit criteria:
  • Work as a team with our organisation and other suppliers
  • Excellent communication skills
  • Take responsibility for their work
• Payment approach: Fixed price
• Assessment methods:
  • Written proposal
  • Work history
  • Presentation
• Evaluation weighting:

  Technical competence

  70%

  Cultural fit

  10%

  Price

  20%

Questions asked by suppliers

No questions have been answered yet