View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Government Computing
February 18, 2019

MOD signals shift in Cyber Vulnerability Investigations procurement plan

Signalling a shift in the MOD's s procurement strategy for cyber vulnerability investigations (CVIs) for the armed forces, the Information Systems & Services has started looking for CVIs as a service (CVIaaS) with separate procurement notices for the Air Force, Army and Navy.

Image: MOD signals shift in Cyber Vulnerability Investigations procurement strategy. Photo: Courtesy of Markus Spiske on Unsplash.

Signalling a shift in the procurement strategy for cyber vulnerability investigations (CVIs) for the armed forces by the Ministry of Defence (MOD) , the Information Systems & Services has started looking for CVIs as a service (CVIaaS) with separate procurement notices for the Air Force, Army and Navy.

CVIs, which analyse digital systems and platforms to understand where they may be vulnerable, have been run for the armed forces since 2014 based on a Defence Science and Technology Laboratory (Dstl) methodology.

In 2017, a CVI Ops Cell was established within the MOD to deliver a 10-year programme of the investigations.

So far, CVIs have been purchased individually or in packages, known as a tranche-based approach. However, the individual procurement notices published recently on the Digital Marketplace said that this has limited the forces’ agility in responding to changing demands around operations and threats.

The MOD is now looking to establish an ‘as a service’ approach under which suppliers can be called to deliver the work for the CVI Ops Cell.

The business has been valued at up to £9m over a year for each of the three domains.

The ministry has also said that it is planning a further procurement for a service for CVIs that cover all three domains.

Content from our partners
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition

The CVI programme services include domain cyber vulnerability and risk analysis; programme management; target of investigation (ToI) scoping; CVI delivery; specialist CVI activities which may include technical testing, concept demonstrators, code analysis; and cross-domain information sharing, CVI good practice and lessons learned.

In Stage 2, shortlisted suppliers will be asked to provide a proposal for a ToI representative of this domain.

Applications will be accepted until 27 February 2019 and work under the contract will commence on 6 May 2019.

The procurement notices said that there is no existing team that delivers this requirement and the supplier chosen will deliver this work for and on behalf of the MOD CVI Ops Cell.

The user community is distributed across Defence with the core delivery leads based in Corsham, London and RAF Wyton, it said.

Topics in this article : ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU