MoJ has £280,000 to spend on a new Cybersecurity platform

Your mission, should you choose to accept it: “To implement, test and potentially iterate suggested architecture, onboarding tenants and then handing over the documented live production platform in an operable state to the engineering team”

Posted 27 November 2019 by

The Ministry of Justice (MoJ) wants to build a single, centralised cybersecurity log collection and aggregation platform – and is inviting bids from suitable potential partners for what could be a maximum £280,000 gig.

‘Ministry of Justice’ by Howard Lake on Flickr (some rights reserved)

MoJ says it’s identified the need of a platform to enable log collection, aggregation, storage, analysis, and targeted forwarding capabilities, with most of the work needing to be done at its base at Petty France in Central London.

In the tender, a procurement officer notes that,”The Ministry of Justice is currently constrained in its ability to understand the cybersecurity posture of its current estates due to security logs being held in multiple systems. 

“In many cases these systems are hard to query. The team lacks a single, centralized store of logs that can be queried to help correlate cross-system attacks and track adversarial actors’ behaviors.”

Hence the need for solutions that can be implemented within 12 weeks, with the potential for a 12-week extension.

Worth knowing as context: the MoJ Security and Privacy team created a proposed architecture for the platform based on the Ministry’s Kubernetes cloud-hosting environment on Amazon Web Services.

Commonly used logging tools like Elasticsearch, Logstash and Kibana, or Elastic stack are also used in the environment, and as all this tech has already been approved by the technical authorities, bidders are advised to use it as the basis of their implementation.

To enter for the potential work, any of your on-site contractors must have passed a Baseline Personnel Security Check (BPSS) as a minimum. 

28 bidders are recorded on the Digital Marketplace as having entered by the time we went to press, with 27 being characterised as SME and 1 “large” supplier.

Good luck!