Contract award notice
Results of the procurement procedure
Section I: Contracting
entity
I.1) Name and addresses
London Borough of Ealing
London Borough of Ealing, Perceval House, 14-16 Uxbridge Road
Ealing
W5 2HL
UK
Contact person: Ms Christine Baker
Telephone: +44 2088255122
E-mail: bakerc@ealing.gov.uk
NUTS: UK
Internet address(es)
Main address: http://www.ealing.gov.uk
Address of the buyer profile: http://www.ealing.gov.uk
I.4) Type of the contracting authority
Regional or local authority
I.5) Main activity
General public services
Section II: Object
II.1) Scope of the procurement
II.1.1) Title
Ealing ICT Cyber Security Contract 2023
Reference number: DN634936
II.1.2) Main CPV code
48220000
II.1.3) Type of contract
Supplies
II.1.4) Short description
Ealing Council required a range of managed security services provided by a trusted single source supplier who could provide flexible and integrated support over a 3 year contract term. This was to replace the existing contract for these services that expired on 28th February 2023. The contracting authority was seeking to procure services for:
1) Managed Security Operations Centre (SOC)
a) Security monitoring, threat protection, threat hunting and incident response covering a digital estate of over 4000 endpoints and 300 servers, across Windows, Linux, and Cloud-based (Azure) operating systems and environments;
b) Incident investigations, triage, and response;
c) Vulnerability scanning of many IP ranges / hosts with remediation tracking.
2) Incident Response
a) Implementation of joint incident response processes for major incidents, out-of-band communication mechanisms, and management plans Incident investigations, triage, and response;
b) Forensic analysis of indicators of compromise and analysis of malware samples to understand the extent of a compromise should it occur;
c) Rapid remote interception of, containment of, and response to live cyber threats;
d) Triage and first response without requiring intervention from Ealing personnel;
e) This should be read and answered in conjunction with the SOC requirement as complimentary services/capabilities.
3) Penetration Testing
a) Security audits and assessment including penetration testing of web applications and infrastructure, configuration and build reviews, etc...
b) IT Health Check Testing delivered by suitably qualified and experienced personnel, in accordance with NCSC Protocols;
c) 'Red Team' attack simulation services;
d) The supplier should be able to provide resourcing for approximately 100 days of penetration testing per annum.
The Council awarded a call off contract to Jumpsec Limited from the Crown Commercial Services Dynamic Purchasing System (DPS) "Cyber Security Services 3 - RM3764.3", in accordance with the rules of the DPS for the provision of ICT Cyber Security Services for a duration of three years commencing on the 1 March 2023, with a budget of £0.360m per annum.
II.1.6) Information about lots
This contract is divided into lots:
No
II.1.7) Total value of the procurement
Value excluding VAT:
1 080 000.00
GBP
II.2) Description
II.2.3) Place of performance
NUTS code:
UK
II.2.4) Description of the procurement
Ealing Council required a range of managed security services provided by a trusted single source supplier who could provide flexible and integrated support over a 3 year contract term. This was to replace the existing contract for these services that expired on 28th February 2023. The contracting authority was seeking to procure services for:
1) Managed Security Operations Centre (SOC)
a) Security monitoring, threat protection, threat hunting and incident response covering a digital estate of over 4000 endpoints and 300 servers, across Windows, Linux, and Cloud-based (Azure) operating systems and environments;
b) Incident investigations, triage, and response;
c) Vulnerability scanning of many IP ranges / hosts with remediation tracking.
2) Incident Response
a) Implementation of joint incident response processes for major incidents, out-of-band communication mechanisms, and management plans Incident investigations, triage, and response;
b) Forensic analysis of indicators of compromise and analysis of malware samples to understand the extent of a compromise should it occur;
c) Rapid remote interception of, containment of, and response to live cyber threats;
d) Triage and first response without requiring intervention from Ealing personnel;
e) This should be read and answered in conjunction with the SOC requirement as complimentary services/capabilities.
3) Penetration Testing
a) Security audits and assessment including penetration testing of web applications and infrastructure, configuration and build reviews, etc...
b) IT Health Check Testing delivered by suitably qualified and experienced personnel, in accordance with NCSC Protocols;
c) 'Red Team' attack simulation services;
d) The supplier should be able to provide resourcing for approximately 100 days of penetration testing per annum.
The Council awarded a call off contract to Jumpsec Limited from the Crown Commercial Services Dynamic Purchasing System (DPS) "Cyber Security Services 3 - RM3764.3", in accordance with the rules of the DPS for the provision of ICT Cyber Security Services for a duration of three years commencing on the 1 March 2023, with a budget of £0.360m per annum.
II.2.5) Award criteria
Cost criterion: Commercial
/ Weighting: 60
Cost criterion: Technical
/ Weighting: 40
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
Section IV: Procedure
IV.1) Description
IV.1.1) Type of procedure
Award of a contract without prior publication of a call for competition
Justification for selected award procedure:
The procurement falls outside the scope of application of the Directive
Explanation
The contract was a call off from the Crown Commercial Services Dynamic Purchasing System (DPS) "Cyber Security Services 3 - RM3764.3"
IV.1.8) Information about Government Procurement Agreement (GPA)
The procurement is covered by the Government Procurement Agreement:
No
Section V: Award of contract
Contract No: DN634936
A contract/lot is awarded:
Yes
V.2 Award of contract
V.2.1) Date of conclusion of the contract
20/12/2022
V.2.2) Information about tenders
Number of tenders received: 5
Number of tenders received from SMEs: 0
Number of tenders received from tenderers from EU Member States: 0
Number of tenders received from tenderers from non-EU Member States: 0
Number of tenders received by electronic means: 5
The contract has been awarded to a group of economic operators:
No
V.2.3) Name and address of the contractor
Jumpsec Limited
1 Golden Court
Richmond, Surrey
TW9 1EU
UK
Telephone: +44 3339398080
E-mail: lucy.edlund@jumpsec.com
NUTS: UK
The contractor is an SME:
No
V.2.4) Information on value of the contract/lot (excluding VAT)
Total value of the contract/lot:
: 1 080 000.00
GBP
V.2.5) Information about subcontracting
Section VI: Complementary information
VI.4) Procedures for review
VI.4.1) Review body
www.ealing.gov.uk
London Borough of Ealing, Perceval House, 14-16 Uxbridge Road
Ealing, London
W5 2HL
UK
Telephone: +44 2088259655
E-mail: johala@ealing.gov.uk
Internet address(es)
URL: www.ealing.gov.uk
VI.5) Date of dispatch of this notice
23/03/2023