OT and IT Cybersecurity Services framework
A Utilities Periodic Indicative Notice
by SCOTTISH HYDRO ELECTRIC TRANSMISSION PLC
- Source
- Find a Tender
- Type
- Future Framework (Services)
- Duration
- 10 year
- Value
- 150M
- Sector
- TECHNOLOGY
- Published
- 08 Jul 2024
- Delivery
- To 08 Jul 2034 (est.)
- Deadline
- n/a
Concepts
Location
Onsite delivery services to take place in the UK
2 buyers
Description
Scottish Hydro Electric Transmission Plc. (SHET) seeks a skilled provider of Operational Technology (OT) cybersecurity assurance services and IT cybersecurity services. The supplier will act as an independent assurance authority, ensuring that OT systems are designed, delivered and managed in a secure manner and in line with SHET and national standards.
Total Quantity or Scope
Detailed description … SHET seeks suppliers with experience in all of the following; Audit Review & Compliance Cyber Security Training & Awareness Design and Build of Turnkey Cyber Security Services Digital Forensics Incident Management & Response Risk Assessment and Management Services Security Architecture Services Security Consultancy Security Testing Technical Cyber Assurance Vulnerability Management Desirable; o Infrastructure Managed Service Support o Network Service Managed Service Support o IT managed services delivery (including but not limited to networking, infrastructure, cybersecurity) o Vendor Cyber Assurance Managed Services. There may be a future requirement for IT managed services, IT cybersecurity services and project delivery services to be provided by the supplier, so it is desirable that the supplier have the capability to provide IT managed services (for example but not limited to networking, infrastructure, cybersecurity specialisms) and professional services. This may include implementing new security tools or architectures.
Renewal Options
Duration estimate reflects initial term with extension options up to a maximum term of 10 years
CPV Codes
- 72600000 - Computer support and consultancy services
Indicators
- Bids should cover the whole contract.
- Renewals are available.
- Financial restrictions apply.
- Professional qualifications are sought.
- Staff qualifications are relevant.
- Award on basis of price and quality.
Other Information
Among key responsibilities the prospective supplier would provide design assurance, assurance of onsite installation, security testing, threat-intelligence, and operational assurance. Additionally they may be required to provide ad-hoc projects and support with incident management and response, digital forensics, security, network and infrastructure consulting. The supplier should be able to provide CREST certified penetration testing services There may be a future requirement for IT managed services, IT cybersecurity services and project delivery services to be provided by the supplier, so it is desirable that the supplier have the capability to provide IT managed services (for example but not limited to networking, infrastructure, cybersecurity specialisms), cybersecurity services and professional services. This may include implementing new security tools or architectures. The PIN estimate reflects a combination of day to day capacity, flex contingency, potential ad-hoc projects and support services, and is not a promise or guarantee that the estimate will be reached during the initial or renewal terms.
Reference
- FTS 020845-2024