0330 124 4224

BlogsPublished: 28 June 2019

CCS Webinar: Cyber Security Services 3


In case you weren’t able to make the recent supplier engagement session, here’s a summary of the current thinking regarding Cyber Security Services 3.

Cyber Security Services 3 webinarWith cyber being one of the hot topics of the moment and mounting pressures for cyber security: for example, the development of 5G and Digitisation of NHS services. It is more important than ever that the public sector has easy access to suppliers of cyber services. Enter Cyber Security Services 3!

CCS current goals for the agreement:

  • To provide a compliant route to market for cyber security services.
  • Work with NCSC on providing a route for assured cyber security services. CSS3 will be the most efficient way to procure NCSC approved services, as GC11 no longer offers a route to such services.
  • Strive to support customers and suppliers to manage an ever-changing landscape

The current Cyber Security Services 2 framework (CSS2) has 4 lots and CCS said they haven’t had much interaction with this framework.

Why CSS2 wasn’t successful:

  • Frozen supplier list
  • Difficult to get onto CCS frameworks
  • Suppliers want simpler terms and conditions
  • G-Cloud 10 provided a duplicate route to market

So how do they plan to address these challenges with CSS3?

  • Move to a DPS – Easier to access and use!
  • New plain English style contract
  • GC10 duplication of services- It is now no longer possible to procure NCSC assured services on GC11

That all sounds good right, but what will it look like?

  • As we mentioned above this agreement will be a Dynamic Purchasing System
  • Same scope of services as CSS2, but with additions!
  • Look similar to the current lots in terms of the services- may be a slight change in this range: certified cyber consultancy, penetration testing and cyber incidents responses
  • Won’t have lots – instead it will have a filter system
  • Will use the public sector contract as its terms and conditions

 

The provisional application timeline:

Activity Date
PIN Live May 2019
Market Engagement June and July 2019
Internal Review August and September 2019
DPS testing complete October 2019
OJEU published November 2019
DPS Live December 2019
Cyber Security 2 scheduled to expire February 2020

Currently the thinking around supplier assurances is:

CCS selection stage will be streamlined:

  • Supplier Registration Service and DUNS number
  • Financial check against the score and threshold
  • Confirmation from NCSC of assurance details

NCSC evaluation of supplier services to get not the DPS will be provided by NCSC:

  • CIR – Incident Response
  • Certified Cyber Security Consultancy
  • CHECK – Pen Testing

CCS are still in the process of market engagement so if you have some thoughts on the current plan, get in touch with them at techsolutions@crowncommercial.gov.uk. They are particularly interested in hearing what filters would be useful to use within the DPS.

We can’t wait to see how it turns out!

Book a free Cyber Security Services 3 consultation

Share


Tags: Cyber Security Services

Related Posts

We use cookies to improve your website experience. For example we use cookies to show you relevant webinars, content etc.

We have placed cookies on your device to help make our website better. Some of the cookies we use are essential for our website to work.

We also use some non-essential cookies to collect information to provide you with a better experience and to improve Our Site by better understanding how you use it.

You can use this tool to change your cookie settings.

To control third party cookies, you can also adjust your browser settings.