Departments retain defence and security firms for ‘cyber incident response’

Commercial documents show Cabinet Office and Home Office have signed deals for firms to provide on-demand support
Image: CoolVid-Shows/Pixabay

By Sam Trendall

17 Mar 2022

Two of government’s major departments have signed retainers with commercial partners to provide on-demand support in responding to “cyber incidents”.

On 2 March, the Cabinet Office entered into a one-year contract with BAE Systems. The deal, which offers the option of a 12-month extension, will be worth at least £50,000 to the global defence contractor, according to recently release commercial information. 

The contract notice indicates that the department is “seeking a commercial partner to provide retained on-demand access to cyber incident response expertise”.

More newly published commercial documents reveal that the Home Office has also agreed a similar engagement, through which an external company – in this case Deloitte – will be available to support its response to cyberattacks and other threats.

The deal, described as a “cyber incident response retainer”, will see personnel from the professional services firm deployed on demand to assist in the department’s handling of security issues. In doing so, they will work alongside Home Office officials and in support of internal security resources.

“This contract supports the HO Security Operations Centre,” the contract-award notice said. “The CSOC provides the core capability of protective monitoring for all Home Office networks and responding to all cybersecurity threats. The cyber incident response retainer contract ensures that appropriate support can be efficiently and effectively deployed to augment the CSOC as required.”

The contract will be worth £700,333 over its three-year term. Despite only being published last week, the deal came into effect in late 2020. It is due to run until 1 November 2023.

In January, the Government Cyber Security Strategy set out plans for protecting public-sector organisations against attacks and included a target that all public bodies will “resilient to known vulnerabilities and attack methods no later than 2030”.

The policy paper sets out a two-pronged approach to driving improvements cybersecurity, with the first being to ensure that “government organisations have the right structures, mechanisms, tools and support in place to manage their cybersecurity risks”.

“The second is to ‘defend as one’,” according to the strategy document.

“Recognising that the scale and pace of the threat demands a more comprehensive and joined-up response, government will harness the value of sharing cyber security data, expertise and capabilities across its organisations to present a defensive force disproportionately more powerful than the sum of its parts.”

Sam Trendall is editor of CSW's sister title PublicTechnology, where this story first appeared and which will host the PublicTechnology Cyber Security Summit on 29 March

Share this page