NW2237 -the provision of OT Anomaly Detection Solution (Hardware, Software, Implementation & Support)

Concepts

• durham
• information technology
• nwl
• provision of ot anomaly detection solution
• software package
• ot anomaly detection solution
• anomaly detection solution
• security posture of our ot estate
• ot anomaly detection system
• detection

Location

North East England:

Description

Northumbrian Water Limited (NWL) provide water and sewerage services to just under 4.4 million people operating principally in the North-East of England and Essex and Suffolk. It is NWL's vision 'to be the most digital water company in the world' therefore it is our mission to find a partner to support our Developer Services Product. NWL would like to identify a partner to supply and help implement an OT Anomaly Detection solution with the right functionality that supports our business needs and provides future flexibility as our business evolves and grows its cyber capabilities. Northumbrian Water Limited (NWL) has a regulatory requirement to implement an Operational Technology (OT) anomaly detection solution as part of our cyber resilience enhancement programme. This programme aims to deliver multiple benefits across the company by enhancing our cyber security strategy, processes, and tools to ensure compliance with the Network and Information Systems (NIS) Directive. We require a commercial, off-the-shelf solution which can be deployed by our onsite engineers, with the help and guidance from the vendor's support team. The OT Anomaly detection solution is required to: • Provide automated asset inventory capability • Identify and risk assess vulnerabilities for the assets identified • Monitoring of configuration changes • Provide understanding of data connectivity • Carry out Anomaly Detection to highlight and risk assess potential security incidents to be investigated A key part of our cyber resilience enhancement programme is to improve the security posture of our OT estate and after recently implementing a managed hybrid Security Operations Centre (SOC), we aim to bring our OT monitoring, detection, and response in line with our existing IT capability. To effectively integrate with our SOC, any OT anomaly detection system must be capable of sending alerts (at minimum) to our SIEM (Splunk Cloud). In addition to the security monitoring enhancements the OT anomaly detection system will bring to our compliance with the NIS Directive/Regulations, the additional asset discovery and vulnerability identification are key areas in which we expect the solution to assist.

Renewal Options

After the initial 36 months, an optional 24 months extension will be available.

CPV Codes

• 72000000 - IT services: consulting, software development, Internet and support
• 48000000 - Software package and information systems

Indicators

• This is a one-off contract (no recurrence)
• Options are available.
• Renewals are not available.
• Financial restrictions apply.
• Professional qualifications are sought.
• Technical restrictions apply.

Other Information

** PREVIEW NOTICE, please check Find a Tender for full details. ** Applicants are asked to note that this procurement process will be conducted electronically with all documents and communication being managed through the Northumbrian Water eSourcing Spend Management portal called 'Ariba'. Expressions of interest for this tender must be sent to the e-mail address expressions@nwl.co.uk before the deadline date of 06/01/23 at 12 noon. Once expression of interest has been received that contains the details below, applicants will be given access to the Ariba portal within 48 hours from request. This portal will contain all the tender documents associated with this procurement that are available at the time. An email link will also be provided to the email address you provide to access the portal. The deadline for return of the completed PQQ is 16/01/23 at 12 noon. When sending expression of interest, applicants must provide the following information: 1) Full company name 2)Main contact details of the person who will be given access to the Ariba portal- Name, Job title, Emails address and telephone.