Managed Security Services

Location

Birmingham

Description

GSA require a Managed Detection and Response, Security service to mitigation of threats across the GSA's digital environment.

Total Quantity or Scope

The service includes Managed Detection and Response, Security Information and Event Management, Endpoint Detection and Response supported by Next Generation Anti‑Virus, identity monitoring, cyber threat intelligence, threat hunting, cyber maturity assessments, efficiency testing and full incident response readiness. These capabilities collectively enable the proactive identification, investigation and mitigation of threats across the GSA's digital environment. Managed Detection and Response (MDR). Enterprise data will be captured and analysed for indicators of attack or compromise, which, if discovered, shall initiate a first response. This response will be either automated or human, depending on the source of the detection. GSA require Level 1 and 2 support, and the first one hour of any Level 3 investigations. Support levels are defined below. Level 1 The first line of security analysts who manage security tools and run regular reporting. At this level, alerts and alert urgency will be determined by the security team. Decisions about escalation to Level 2 will also be undertaken at this level. Level 2 The second line of security analysts / engineers who have the expertise required to get to the root of a problem and assess which part of the enterprise may be compromised. Remediation and repair of problems is expected and issues for additional investigation will be highlighted. Level 3 The third line of security engineers / incident responders, which consists of highly skilled technical resource. If required, personnel will use advanced detection methods (threat hunting) to identify and neutralise the threat, providing remediation advice to the Client's IT team. Key deliverables: - Managed Detection and Response (MDR) Service o 24/7x365 Threat Detection & Response o Ongoing Detection Engineering o Ongoing Use Case Development o Cyber Threat Intelligence (CTI) o Threat Hunting o Cyber Maturity Assessment o Incident Response (first 1 hour of IR) o Dedicated Customer Success Manager - SIEM Licensing (Splunk) 100GB - CrowdStrike EDR Licensing with Falcon Mobile (1650 endpoints)

Award Detail

Award Criteria

CPV Codes

• 72222300 - Information technology services

Indicators

• Award on basis of price.

Legal Justification

GSA has undertaken a direct award via an existing compliant framework agreement in accordance with the Public Contracts Regulations. This approach has been justified on the grounds of extreme urgency brought about by events that were unforeseeable and outside the control of the authority. The requirement for a managed security service has arisen due to an immediate and critical need to ensure the continued protection of organisational systems, data, and infrastructure against evolving cyber security risks. The timescales associated with conducting a full competitive procedure would not have enabled the authority to meet these urgent operational and security requirements. The selected framework was originally procured in compliance with the relevant procurement regulations and provides a lawful route to market. The direct award mechanism available within the framework enables the authority to appoint a capable supplier within the required timeframe while maintaining compliance, transparency, and value for money. This approach ensures continuity of service and mitigates significant risk, while remaining fully aligned with procurement regulations and the strict conditions governing the use of urgency provisions. The overarching objective of this procurement is to ensure that GSA have a continued Managed Security Service that ensures the organisation's cybersecurity posture is maintained and continuously improved over the life of the contract. There is insufficient time is available to conduct a competitive procurement, the use of the G Cloud 14 Framework and the continued engagement with the incumbent supplier will ensure value for money is delivered in terms of economy, efficiency, and effectiveness.