Cyber Security Services framework goes live

Crown Commercial Service’s new Cyber Security Services 2 framework is now live and available to help the public sector buy certified cyber security consultancy and services.

Cyber Security Services 2 is the second joint venture with the National Cyber Security Centre (NCSC), the UK government’s National Technical Authority for Information Assurance.

The framework offers a single, central route to market, giving central government and wider public sector buyers access to cyber security services, with the technical and qualitative assurance of NCSC certification.

There are four lots:

• Lot 1: Cyber Consultancy (Risk Assessment, Risk Management, Security Architecture, Audit & Review, Incident Management)
• Lot 2: CHECK Penetration Testing
• Lot 3: Incident Response
• Lot 4: Tailored Assurance

71% of the 121 suppliers signed up to provide services through the framework are SMEs.

The agreement runs for 12 months with the option to extend for a further 24 months.

Acting on feedback gained through comprehensive user research with buyers and suppliers, we have introduced a number of improvements for Cyber Security Services 2.

A central procurement route for Cyber Security

The NCSC has worked in partnership with Crown Commercial Services (CCS) to establish a central route to procure cyber services for the public sector.

This means that buyers have the assurance of NCSC’s robust technical and qualitative evaluation - required in their certification processes.

The new framework enables a competitive mini competition process, taking account of the differing needs of each user, and buyers are supported with simple but effective government terms and conditions for critical services.

Cyber Security Services 2 provides a semi dynamic award for suppliers - meaning that supplier’s or services can be added at any time during the life of the agreement. Only suppliers who have current NCSC certification for their services will be available for buyers to use.

In this way, we are able to improve the services offered to the Public Sector by increasing the technical and qualitative assurance attributed to the suppliers on Cyber Security Services 2.

Simplifying the bidding process

Cyber Security Services 2 is the first framework for which a new simplified tender pack, designed to make it easier for SMEs to supply to government, was rolled out.

CCS is also introducing the new ‘once only’ process, known as SID4GOV, allowing suppliers to reuse selection questionnaire responses when bidding for other public sector procurements, including competitions following an OJEU notice and mini competition tenders.

Find out more

To find out more about Cyber Security Services 2, visit the framework webpages.