Site navigation

UK’s Ministry of Justice Invites Cybersecurity Platform Bids

Duncan MacRae

,

Ministry of Justice office sign UK

The Ministry of Justice team lacks a single, centralised store of logs that can be queried to help correlate cross-system attacks and track adversarial actors’ behaviours.

The UK’s Ministry of Justice (MoJ) has invited bids for the creation of a single, centralised cybersecurity log collection and aggregation platform.

The organisation has a diverse estate with a variety of suppliers and technical systems. It now requires a platform to enable log collection, aggregation, storage, analysis and targeted forwarding capabilities.

An MoJ spokesperson said: “The Ministry of Justice is currently constrained in its ability to understand the cybersecurity posture of its current estates due to security logs being held in multiple systems.

“In many cases these systems are hard to query. The team lacks a single, centralised store of logs that can be queried to help correlate cross-system attacks and track adversarial actors’ behaviours.”

The MoJ has invited contractors to submit bids featuring solutions that can be implemented within 12 weeks, with the potential for a 12-week extension. Bids must fall within the allocated budget of £280,000 (excluding VAT).

The MoJ Security & Privacy team previously created a proposed architecture based on the MoJ’s Kubernetes cloud hosting environment (on AWS) and commonly used logging tooling (the Elasticsearch, Logstash and Kibana, or Elastic stack). This has been approved by the technical authorities, and is the recommended basis of contractors’ proposed implementations.

To put forward a bid, a contractor must have passed a Baseline Personnel Security Check (BPSS) as a minimum.

Recommended

So far, 27 companies have bid to carry out the work. The selected firm will bring its work to life in the MoJ’s Petty France office, along with various supplier locations.

In August, the MoJ issued an invitation for a contractor to review and provide guidance on the Ministry’s cybersecurity process.

A total of 30 organisations applied to provide internal staff, contractors, supply chain, and external partners with a comprehensive risk-balanced “stack” of policies, standards, guidelines, and procedures that supports the safe and secure functioning of the MoJ.

Duncan MacRae

Editor

Latest News

%d bloggers like this: