Threat Intelligence and Digital Risk
A Prior Information Notice
by NATIONAL GRID UK LIMITED
- Source
- Find a Tender
- Type
- Contract (Services)
- Duration
- not specified
- Value
- £-£2M
- Sector
- TECHNOLOGY
- Published
- 26 Jan 2022
- Delivery
- not specified
- Deadline
- 28 Feb 2022 00:00
Concepts
Location
United Kingdom:
1 buyer
- National Grid Warwick
Description
National Grid is looking to continue to deliver and enhance their Threat & Risk Management capabilities and ensure the external services utilised are still relevant, providing the most value and strategic partners. Operationally, it's key that National Grid achieve improved service delivery across the areas of security; including Security Operations, Threat Intelligence, Vulnerability Management, and Risk Management teams. It is critical that all services can flex to meet our future needs whilst insuring stability in the current operating environment. The required services, ranging from Threat Intelligence, Vulnerability Management, Digital Risk Management and Third Party Risk will be used to detect and respond to cyber threats and vulnerabilities outside the network perimeter and will enable protection, monitoring, and give early indication of security risks. This must be done according to regulated policies to maintain security of National Grid, its reputation, data, assets and to manage impact of security events affecting our third parties.
Lot Division
| 1 | Threat Intelligence A cyber threat intelligence feed including strategic and technical intelligence on threat actors and attack patterns. Intelligence should provide regular reporting to inform the Security team of changes to the threat landscape and new threats. The service must also enable integration with a Threat Intelligence Platform to enable automated actions. |
| 2 | Vulnerability Management An external vulnerability management service that detects vulnerabilities to National Grids externally facing assets through continuous assessment of the digital footprint. Such a service will detect exposed services, open ports, and vulnerabilities. Tactical reporting will enable timely resolution, and the service will enable integration with centralised logging to allow for automated response. |
| 3 | Digital Risk Management A digital risk management service will scan open, deep, and dark web resources to identify risks to National Grid. Examples include potential phishing domains, data loss, or credentials. Tactical reporting will enable timely resolution, and the service will enable integration with centralised logging to allow for automated response. |
| 4 | Third Party Risk A focus on third party risk management; this service should provide insight into risks associated with third parties; such as security incidents or data breaches that may have an impact to the security of National Grid. |
CPV Codes
- 72000000 - IT services: consulting, software development, Internet and support
Indicators
- Restrictions apply to the lot award allocation.
Other Information
** PREVIEW NOTICE, please check Find a Tender for full details. ** We use the Achilles Utilities Vendor Database (UVDB) when compiling lists of potential suppliers for our goods and services requirements. For the majority of our purchases, it is a condition of supplying to National Grid that suppliers are registered on the UVDB. For more information please visit: https://www.nationalgrid.com/suppliers/new-suppliers
Reference
- ocds-h6vhtk-030f98
- FTS 002303-2022