Ministry of Defence, JFC - C4ISR Joint User Cyber

Cyber Risk Tooling - Design Phase

Incomplete applications

11
Incomplete applications
6 SME, 5 large

Completed applications

3
Completed applications
1 SME, 2 large
Important dates
Opportunity attribute name Opportunity attribute value
Published Thursday 21 February 2019
Deadline for asking questions Thursday 28 February 2019 at 11:59pm GMT
Closing date for applications Thursday 7 March 2019 at 11:59pm GMT

Overview

Overview
Opportunity attribute name Opportunity attribute value
Summary of the work Designing of a tool base that ingests and Analyses all cyber risk data, aligned with the Joint User vision.
Production of a Stakeholder Map.
Understand User Requirements/available data.
Analysis of existing capability.
Creation of costed options for the Development Phase.
Outline of Skills and experience required for the next phase.
Latest start date Monday 15 April 2019
Expected contract length 6 Weeks, plus an additional 1.5 week option to extend (pending financial approval)
Location London
Organisation the work is for Ministry of Defence, JFC - C4ISR Joint User Cyber
Budget range Up to £70,000 (Inc. VAT and T&S)

About the work

About the work
Opportunity attribute name Opportunity attribute value
Why the work is being done The Cyber Risk Management Function (part of the MOD’s Cyber Security Operations Capability (CSOC)) requires a set of tools that will allow for automation of the ingestion, storage, analysis and exploitation of Cyber risks, and informing data, to keep pace with the increasing level of cyber risks being discovered. The Cyber Risk tooling capability is required by September 2019 to fall in line with programme expansion and roll out. This Design Phase is to scope what can be delivered by this deadline.
Problem to be solved Additional support is required to fulfil the Design Phase of the project, ensuring that an appropriate solution is defined that will offer a stable foundation and scalable configuration for the growing cyber risk management capability, while providing immediate benefit to users. The foundations will allow for the ingest of all cyber risk-related data such as threats, vulnerabilities, cyber events and incidents data. This will also permit rapid broadening of the data import, analytics and data exploitation capabilities, which will allow the MOD to understand its cyber risk exposure and the prioritised risks that need treatment.
Who the users are and what they need to do Ministry of Defence – primarily the Cyber Risk Management Team in C4ISR & Cyber Joint User and the Defence Assurance and Information Security (DAIS) team, with growth across the MOD in time.
The user’s need includes a design for an automated method of ingesting, storing and analysing of Cyber Risks based on an existing big data platform.
Early market engagement N/A
Any work that’s already been done We have multiple capabilities that have been researched and developed. these would need reviewing to see how they would fit into any new design moving forward. These capabilities cover Data Structure, Analysis and to some extent visualisation.
The core system is the Defensive Cyber Capability with a core data lake CySAFA (Cyber Situational Awareness Fusion Architecture) This has been developed to store and exploit DCO data for a wide range of stakeholders. Any design will need to align to the architectural approach to this system this will include compatibility with HDP3, Hadoop and RESTfulAPI.
Existing team The existing CRM and DAIS team consists of crown servants and military personnel who have a wide range of functions and skillsets. All of which are based in MOD Main Building London and RAF Wyton.
Current phase Discovery

Work setup

Work setup
Opportunity attribute name Opportunity attribute value
Address where the work will take place MOD Main Building London, and occasional visits to: MOD Corsham, RAF Wyton, Andover, Portsmouth, High Wycombe and MOD Abbey Wood Bristol.
Working arrangements Successful team to work from MOD Main Building London, to support the existing team. T&S is available for visits to additional sites, this must be in line with MOD policy. A T&S breakdown is to be included in the costings and must be within overall budget.
Security clearance DV Clearance. All clearances must be in place prior to the contract starting due to the projects the team are required to work with.

The Authority WILL NOT sponsor DV/SC Clearance, it must be in place and remain valid for the duration of the contract.

Additional information

Additional information
Opportunity attribute name Opportunity attribute value
Additional terms and conditions • Bid Responses to be submitted on the templates provided and in Microsoft Office Excel/Word 2007-2016 format only.
• T&S will be paid based on receipted actuals and in compliance with MoD Policy, no other expenses are permitted.
• Suppliers must use the Authorities Purchase to Payment Tool called CP&F or be prepared to sign up to the tool.

Skills and experience

Buyers will use the essential and nice-to-have skills and experience to help them evaluate suppliers’ technical competence.

Skills and experience
Opportunity attribute name Opportunity attribute value
Essential skills and experience
  • Demonstrable experience of helping organisations achieve an enterprise level view in order to support the delivery of complex projects
  • Experience of System architecture design.
  • Understanding of PaaS and Hadoop based infrastructures.
  • Understanding of the Agile Project Management Methodology for implementation planning.
  • Expertise in Database structures and Data ontology development.
  • Understanding of the latest techniques for data normalisation and analysis.
  • Understanding of how to manage structured and unstructured data.
  • Understanding of Data visualisation techniques and integration.
  • Confirmation that the team awarded the work has the relevant security clearances.
Nice-to-have skills and experience
  • Demonstrable and relevant experience of undertaking knowledge transfer
  • Have the ability to think creatively and can articulate innovative ideas to solving complex business and ICT problems.
  • Ability to present and articulate technical risks in a business context
  • Understanding and experience of working with HMG/ MOD policies including JSP 440 and 604
  • Cyber Security Risk management knowledge.

How suppliers will be evaluated

How suppliers will be evaluated
Opportunity attribute name Opportunity attribute value
How many suppliers to evaluate 3
Proposal criteria
  • Documented evidence of essential skills (Limited to 6 pages and 2000 words) plus CVs which are not included in the word count and can be sent as seperate documents. (10%)
  • Documented proposed approach including collaboration with existing teams. (10%)
  • Explanation of how the approach or solution meets user needs. (15%)
  • Estimated timeframes for the work. (10%)
  • Documented evidence of the identified risks and dependencies, offering approaches to effectively manage them. (15%)
  • Evidence of suggested team structure. (10%)
Cultural fit criteria
  • Must be able to work in a mixed team of Military, MOD Civil Service and industry partners. (4%)
  • Have excellent interpersonal and influencing skills and a positive approach. (2%)
  • Ability to transfer knowledge and upskill staff. (2%)
  • Values and behaviours in line with MOD core values. (2%)
Payment approach Fixed price
Assessment methods Written proposal
Evaluation weighting

Technical competence

70%

Cultural fit

10%

Price

20%

Questions asked by suppliers

Questions asked by suppliers
Supplier question Buyer answer
1. We have an open source tool for this purpose which can be installed on premise or in the cloud which is a product of 3 years of R&D work in a finance company. This tool could be base for your solution, free to use and customisable for your requirements. Unfortunately none of our members DV cleared and most of team members based out of France and Turkey. if you can be relax around security rules, you can shorten your development cycle and reduce the costs significantly. Due to the nature of this requirement and the locations of the work, it is necessary for the successful supplier to have their DV clearances in place before the start of the project.
2. Does the Customer have an existing/incumbent supplier providing current support to the project? We can confirm there is not an existing/incumbent supplier for this requirement.