Contract award notice
Results of the procurement procedure
Section I: Contracting
entity
I.1) Name and addresses
University of Glasgow
Procurement Office, Tay House
Glasgow
G12 8QQ
UK
Contact person: Stephen Otiende
Telephone: +44 1413304012
E-mail: stephen.otiende@glasgow.ac.uk
Fax: +44 0000000000
NUTS: UKM82
Internet address(es)
Main address: http://www.gla.ac.uk/
Address of the buyer profile: https://www.publiccontractsscotland.gov.uk/search/Search_AuthProfile.aspx?ID=AA00108
I.4) Type of the contracting authority
Body governed by public law
I.5) Main activity
Education
Section II: Object
II.1) Scope of the procurement
II.1.1) Title
PURCH2317 PROVISION OF A CONTRACT FOR MANAGED SECURITY SERVICES
Reference number: PURCH2317
II.1.2) Main CPV code
72212732
II.1.3) Type of contract
Services
II.1.4) Short description
PURCH2317 PROVISION OF A CONTRACT FOR MANAGED SECURITY SERVICES FOR THE PERIOD OF 3 YEARS WITH THE OPTION TO EXTEND FOR TWO PERIODS OF 12 MONTHS EACH WITH BREAKPOINTS AT EACH 12 MONTH INTERVAL.
Tender documents available from Public Contracts Scotland.
Tender returns should be submitted via Public Contracts Scotland, no paper copies will be accepted. Should paper tenders be submitted, they will be rejected. Further to this any questions or communications regarding individual tender exercises must be sent via the Public Contracts Scotland Portal. Tender queries received through any other channel will not be answered. Should users of Public Contracts Scotland have any problems with the web site they should contact website Support Desk, contact details can be found by following the ‘Contact Us’ option on the left hand menu at http://www.publiccontractsscotland.gov.uk/default.aspx
II.1.6) Information about lots
This contract is divided into lots:
No
II.2) Description
II.2.3) Place of performance
NUTS code:
UKM82
II.2.4) Description of the procurement
PURCH2317 PROVISION OF A CONTRACT FOR MANAGED SECURITY SERVICES FOR THE PERIOD OF 3 YEARS WITH THE OPTION TO EXTEND FOR TWO PERIODS OF 12 MONTHS EACH WITH BREAKPOINTS AT EACH 12 MONTH INTERVAL.
The UofG Information Security team establishes the policy, toolset, and oversight for robust defence against cyber threats. Cyber security alerts are generated around the clock, given the University's extensive online operations. The University has adopted Office 365 Education A5 Licensing and currently leverages Microsoft Sentinel as a SIEM and alerting tool. In addition to Sentinel's native and Microsoft 365 Defender alerts, we also incorporate Suricata IDS and select Windows log-based events. These are likewise accessible to UofG staff through the console.
We necessitate services encompassing Security Operations Centre with Microsoft XDR capabilities as well as an Incident Response retainer to bolster our cybersecurity posture.
A partner is required assist with the operations and engineering tasks associated with the monitoring of this system in a 24x7x365 fashion. Actioning agreed alerts according to UofG playbook specifications (this could include a wide range of responses including, isolation machine with malware, flagging email accounts as compromised, initiating remote forensic investigations)
We are also seeking a partner to provide additional Threat Hunting, Threat Intelligence and advice on security best practice and design for gathering further security telemetry from a diverse set of technologies such as additional server-based log sources, Sophos Central, Cisco Firepower and InfoBlox. To help us further increase our visibility and security posture.
We additionally require Incident Response capability to be offered via retainer.
Refer to ITT document for detailed specification.
II.2.5) Award criteria
Quality criterion: Technical Capability
/ Weighting: 25%
Quality criterion: Functionality
/ Weighting: 10%
Quality criterion: Additional Services and Supplier Certifications
/ Weighting: 10%
Quality criterion: Customer Access
/ Weighting: 10%
Quality criterion: University Terms and Conditions
/ Weighting: 5%
Price
/ Weighting:
40%
II.2.11) Information about options
Options:
No
II.2.13) Information about European Union funds
The procurement is related to a project and/or programme financed by European Union funds:
No
Section IV: Procedure
IV.1) Description
IV.1.1) Type of procedure
Open procedure
IV.1.8) Information about Government Procurement Agreement (GPA)
The procurement is covered by the Government Procurement Agreement:
Yes
IV.2) Administrative information
IV.2.1) Previous publication concerning this procedure
Notice number in the OJ S:
2023/S 000-031644
Section V: Award of contract
Contract No: PURCH2317
A contract/lot is awarded:
No
V.1 Information on non-award
The contract/lot is not awarded
Other reasons (discontinuation of procedure)
Section VI: Complementary information
VI.3) Additional information
Once the deadline has passed submissions can neither be created nor submitted. It is not advisable for Suppliers to wait until the last moment before creating and dispatching a response in case of any last minute problems. Please note large files should be uploaded as early as possible to ensure transfer before deadline. If a Supplier is having problems uploading to the PCS site, then the University must be informed well in advance and depending upon the merit of the case, the University may arrange for the tender to remain open on the PCS system for a short period after the deadline time stated. System problems do not fall under the University’s remit and should be referred to PCS.
Postbox Security: Postbox submissions cannot be accessed by anyone, including Millstream, (the provider of the Public Contracts Scotland system) until the deadline.
Freedom of Information
The Freedom of Information (Scotland) Act 2002 (FOISA), which came into force on 1 January 2005, designates University of Glasgow as a Scottish public authority and therefore subject to the provisions and obligations in that Act. This means that any person who makes a valid request for information held by University of Glasgow will be entitled to receive it, unless all or part of that information can be withheld by virtue of the exemptions in that Act.
under the Act, University of Glasgow may be required to disclose any information held relating to your response to anyone who makes a request under that Act. Such information may only be withheld if it meets one or more of the exemptions or conditions in that Act. Even if an exemption is available University of Glasgow may nevertheless disclose requested information. Information held cannot simply be classified as “confidential" or "commercial in confidence" to enable it to be protected from disclosure.
University of Glasgow may publish the names and contact details of companies who have been issued with a Questionnaire on its website.
Information may also be requested under the UK General Data Protection Regulation (UK GDPR) tailored by the Data Protection Act 2018 and the Environmental Information (Scotland) Regulations 2004.
(SC Ref:761542)
VI.4) Procedures for review
VI.4.1) Review body
Glasgow Sheriff Court & Justice of the Peace Court
1 Carlton Place
Glasgow
G5 9TW
UK
VI.5) Date of dispatch of this notice
20/03/2024