Results for “Security”

The Contracting Authority requires a multiplexed molecular analysis system capable of performing direct, amplification-free, digital quantification of gene expression (mRNA and miRNA) and protein targets from limited and potentially degraded clinical samples. The system will be used primarily for patient-derived specimens, including FFPE and other clinically archived materials, where RNA quantity and integrity may be limited. The solution must therefore demonstrate high sensitivity, reproducibility, and robustness to sample degradation. The required system must provide a complete sample-to-data workflow, enabling end-to-end processing, automated or semi-automated operation, and integrated data analysis suitable for use by scientific staff without advanced bioinformatics expertise. To access this opportunity, you must first register as a “Supplier” on the Authority’s e-tendering portal here: https://atamis-1928.my.site.com/s/Welcome

Lot - 1: FRH Cyber Security Tooling & Managed Services for GWR & AWC AI-powered managed cybersecurity is essential to counter a threat landscape marked by short attack timelines and sophisticated automated attacks. To address this, the organisation will procure a single integrated 24/7 managed security service covering Email Security, Network Detection and Response (NDR), Endpoint Detection and Response (EDR), and Security Information and Event Management (SIEM). The solution uses AI-driven automation, machine learning, and a managed SOC model to deliver real-time detection, triage, containment, and recovery across the estate. Automated detection and response reduce alert fatigue, cut mean time to respond (MTTR) and eliminate workflow bottlenecks that inhibit manual or traditional SOC operations. AI-powered response enables machine-speed containment for threats detected anywhere across the network, endpoint, email, and cloud services, while ensuring seamless integration of new and existing tooling. *- Strategic Objectives Enhance Threat Detection and Response Capabilities: Use AI-powered analysis and automation across email, endpoints, networks, and cloud environments for real-time detection and disruption of evolving threats, including zero-day attacks and business email compromise. The service provides real-time, data-driven insights and analytics, ensuring high-fidelity detection and response across all monitored domains. Reduce Dwell Time: AI automation enables rapid correlation and response, reducing dwell time from days to minutes in managed environments by minimising manual analysis lags and increasing accuracy through automated playbooks for containment actions. Ensure Regulatory Compliance: Continuous monitoring, automated reporting, and audit-grade response documentation support compliance mandates (e.g., GDPR, NIS2) and provide ready evidence for regulatory investigations. Ensure alignment and certification to industry best practices CSO/IEC 42001 (Artificial Intelligence Management System), ISO/IEC 27001 (Information Security Management System), ISO 22301 (Business Continuity Management System (BCMS)), Cyber Essentials, and Cyber Essentials Plus. Enable Proactive Defence: The solution supports automated threat hunting and anomaly detection to intervene early in the attack lifecycle, rather than relying solely on alert-based or reactive workflows. Optimise Resource Allocation: Automated detection and response to significantly reduce time spent dealing with email-based threats, allowing staff to focus on higher-value work. *- Scope of Services The organisation seeks a 24/7 fully managed security service covering: AI-driven Email Security, integrating threat intelligence and auto-remediation (using technologies such as Mimecast and Microsoft Defender). AI-driven NDR with behaviour analytics, automated response, and cloud app coverage (including M365, leveraging DarkTrace). AI-driven EDR integrated with SIEM, delivering automated detection, triage, and containment. AI-driven SIEM with unified log collection, AI-powered correlation, and enrichment from endpoint, network, and email telemetry. Wide compatibility and integration with common enterprise IaaS, PaaS and SaaS providers. Automated response and proactive threat hunting are built into the service. AI tunes out false positives in real time. NDR, EDR, and Email Security are orchestrated via SIEM, providing a centralised view and seamless handoff between detection, investigation, and response. *- Key Benefits Value for Money: Competitive tendering for integrated AI-driven managed services enables benchmarking, cost optimisation, and elimination of margin losses from operational inefficiency. Strengthening Security Capability and Outcomes: The solution delivers 24/7 managed detection and response with proven incident investigation, escalation, and rapid containment. Automated triage addresses >90% of alerts, moving human analysts to exception management and threat hunting. Reducing Operational and Delivery Risk: Relying on automated incident response closes the talent gap, addresses analyst burnout, and places delivery risk with suppliers that maintain AI-enhanced SOC capabilities. SLA-driven performance and machine-speed automated actions are formally contracted. Improving Governance, Auditability, and Transparency: Automated, AI-driven audit trails ensure end-to-end traceability of every incident, action, and management decision, enabling regulatory reporting and internal audit compliance. Enabling Scalability and Future Flexibility: AI-driven architecture processes thousands more alerts per day without proportional increases in headcount, supporting scale as business needs and threat volumes evolve. Supporting Compliance and Regulatory Obligations: The managed SOC operates within recognised frameworks (e.g., ISO 27001, ISO 42001, ISO 22301, Cyber Essentials and UK NIS and GDPR) and supplies compliance reporting and rapid incident response evidence proactively. Lot - 2 *- Strengthening Security Capability and Outcomes The scope of this procurement includes the replacement or renewal of several core cybersecurity capabilities, including: - Internet Security Gateway (ISG): Advanced inspection and protection of web traffic to mitigate malicious and high-risk internet activity - Zero Trust Network Access (ZTNA): Secure, identity- and context-based remote access, reducing reliance on legacy VPN solutions - Privileged Access Management (PAM): Control, monitoring, and auditing of privileged identities and access pathways (applicable to Group, Bus and Rail) - AI Governance and Control: Enforcement of policies governing access to internet-based AI services, SaaS platforms, and APIs to prevent unauthorised usage, data leakage, and compliance breaches - CASB and Data Loss Prevention (DLP): Protection of sensitive data across sanctioned and unsanctioned SaaS applications (applicable to Avanti West Coast) The solution must integrate seamlessly with FirstGroup's existing technology and security ecosystem, leveraging artificial intelligence and threat intelligence to enable continuous monitoring, automated policy enforcement, and proactive detection of emerging threats. *- Reducing Operational and Delivery Risk FirstGroup requires autonomous response and intelligent technical policy controls to reduce the operational burden on internal IT and security teams and address skills constraints within the organisation. Suppliers must demonstrate: - Mature and effective security governance frameworks - Robust operational controls and service management processes - Proven capabilities in incident management, access control, and service continuity Given the critical nature of the systems and data involved, cybersecurity is considered a material enterprise risk, and solutions must be resilient, secure, and aligned with best practices. *- Improving Governance, Auditability, and Transparency To ensure consistent assurance across all bidders, shortlisted suppliers will be required to complete the FirstGroup Supplier Information Security Assessment via the RiskXChange platform. This assessment evaluates supplier maturity across key domains, including: - SOC assurance and security operations - IT service management - Secure software development - Business continuity and disaster recovery - Identity and access management - Data protection and privacy - DDoS protection and cloud security governance This approach ensures a high standard of auditability, comparability, and transparency throughout the procurement process. *- Enabling Scalability and Future Flexibility The proposed solution must be scalable, adaptable, and future-ready, capable of supporting: - Evolving business requirements - Hybrid and distributed working models - Increasing adoption of cloud services and AI technologies Automation and AI-driven controls are expected to support a transition from reactive security operations to proactive and preventative security management, including dynamic policy enforcement across web, cloud, and AI service usage. *- Supporting Compliance and Regulatory Obligations Suppliers must provide certification with recognised industry standards, including: - ISO/IEC 27001 (Information Security Management) - ISO 22301 (Business Continuity Management) - ISO/IEC 42001 (Artificial Intelligence Management Systems) - UK NCSC-backed schemes Cyber Essentials and Cyber Essentials Plus In addition, the solution must support compliance with applicable UK regulations, including: - UK GDPR and the Data Protection Act, ensuring lawful, secure, and transparent processing of personal data - UK Network and Information Systems (NIS) Regulations, where applicable, including measures for risk management and incident reporting. *- Strategic Alignment of Tooling This procurement supports the delivery of Cyber Security Tooling for First Rail Holdings, including FirstGroup, FirstBus, FirstBus London, London Cable Car, Hull Trains, Lumo Trains, FirstRailLondon, Trams Operations Ltd (TOL), Air Coach, Avanti West Coast, Great Western Railway. The selected supplier will be responsible for delivering and managing an integrated, end-to-end security capability encompassing: - Internet access security - Cloud and AI governance - Privileged access management - Zero Trust connectivity This will improve overall security effectiveness, operational efficiency, organisational resilience, and regulatory compliance across participating operating companies.

DSIT is seeking a Regional Delivery Partner who will be responsible for ensuring successful on-the-ground delivery of the TechFirst youth programme in the North West. TechFirst is the Government’s flagship digital and technology skills programme, created to remove skills as a barrier to growth in the sector. The sector relies on specialist digital and STEM skills, but there is a clear gap between demand and supply. This programme aims to build the sustainability and diversity of the tech talent pipeline, creating the foundations for long-term growth in one of the Government's 8 growth-driving sectors. The youth strand of TechFirst, TechYouth, aims to reach 1 million students in schools and colleges across the UK with opportunities to develop their digital skills, gain confidence with AI and insight into a range of potential tech careers. Regional delivery partners will support the programme at a local level, delivering skills building activities and career inspiration days for schools and colleges in the area. They will work in partnership with local industry and academia to achieve this. With the support of Regional Delivery Partners, the TechYouth programme should spark young people's interest in technology and encourage more to pursue digital and computing qualifications at age 14 and 16, both academic and vocational. It will particularly encourage uptake from currently underrepresented groups, including girls and those from socioeconomic disadvantage. These students will form the pipeline of future technology researchers and professionals needed for the sector to achieve its potential growth.

Crown Commercial Service (CCS) set up a dynamic purchasing system for a period of 60 months and has invited bidders to request to participate for the Cyber Security Services 3 DPS. This DPS provides central government departments and the wider public sector with the opportunity to procure cyber services from a range of suppliers. The DPS filters are for certification, services, standards and experience. Appointed suppliers will be invited by customers (buyers) to submit tenders for relevant services through a call for competition. This notice is to advise that this DPS has been extended to 13/02/2027 and based on current spend profiling the estimated total value has been increased to £800million.

Crown Commercial Service (CCS) set up a dynamic purchasing system for a period of 60 months and has invited bidders to request to participate for the Cyber Security Services 3 DPS. This DPS provides central government departments and the wider public sector with the opportunity to procure cyber services from a range of suppliers. The DPS filters are for certification, services, standards and experience. Appointed suppliers will be invited by customers (buyers) to submit tenders for relevant services through a call for competition. This notice is to advise that this DPS has been further extended to 13/02/2029 and based on current spend profiling the estimated total value will remain as £800million. Additional information: This DPS was extended to 13/02/2025 and based on the spend profiling at that time the estimated total value was increased to £255million. This DPS was further extended to 13/02/2027 and based on the spend profiling the estimated total value was been increased to £800million. Please be advised that this DPS has been extended for the final time and the end date will be 13/02/2029. Please note the Closing Date, Contract Start Date and Contract End Date have been manipulated to support compatibility system issues. However please refer to the contract notice for the correct dates, timelines etc.

Crown Commercial Service (CCS) set up a dynamic purchasing system for a period of 60 months and has invited bidders to request to participate for the Cyber Security Services 3 DPS. This DPS provides central government departments and the wider public sector with the opportunity to procure cyber services from a range of suppliers. The DPS filters are for certification, services, standards and experience. Appointed suppliers will be invited by customers (buyers) to submit tenders for relevant services through a call for competition. This notice is to advise that this DPS has been extended to 13th February 2029 and based on current spend profiling the estimated total value remains as £800million.

PA invites organisations to participate in a 60-month DPS for the provision of IT and Cyber Security Services. The DPS will be accessible by all current and future Clients of PA. The DPS may be used by all NHS Trusts, Social Housing Providers, Local Authorities, Blue Light Services, Education, Charities and all other contracting authorities that are located in the United Kingdom. Procurement Assist is publishing this Notice of Amendment made pursuant to the original Notice 2023/S 000-014645 to extend the DPS to 31 May 2029. The remaining information in relation to this DPS is unchanged.

PA invites organisations to participate in a 60-month DPS for the provision of IT and Cyber Security Services. The DPS will be accessible by all current and future Clients of PA. The DPS may be used by all NHS Trusts, Social Housing Providers, Local Authorities, Blue Light Services, Education, Charities and all other contracting authorities that are located in the United Kingdom. Procurement Assist is publishing this Notice of Amendment made pursuant to the original Notice 2023/S 000-014645 to extend the DPS to 31 May 2029. The remaining information in relation to this DPS is unchanged.

This procurement is being conducted by the Metropolitan Police Service (MPS) on behalf of the Mayor's Office for Policing and Crime (MOPAC) who are the Contracting Authority as defined in Section 2 of the Procurement Act 2023. Cyber security infrastructure software 

UKHSA has begun a programme to develop and implement a Cyber Security Management System for all Industrial Automated Control Systems (IACS)

Managed SOC and SIEM services for continuous monitoring, threat detection, and response

The contracting authority intends to procure a digital capability and delivery partner under Digital Outcomes and Specialists 7 (DOS7), Lot 2 – Digital Capability and Delivery Partners. The requirement is expected to involve the provision of appropriately skilled specialists and teams to support delivery across technical and security‑related programmes and acitivites in the Government Digital Service. Award under Framework RM1043.9 Digital Outcomes and Specialists 7 Lot 2 Digital Capability And Delivery Partners

Contract for Digital Services for Heat Zoning Tool