Planning

CYBER SECURITY SERVICES (10505)

  • NHS Shared Business Services Limited

F01: Prior information notice (prior information only)

Notice identifier: 2023/S 000-019070

Procurement identifier (OCID): ocds-h6vhtk-03ded9

Published 4 July 2023, 5:17pm



Section one: Contracting authority

one.1) Name and addresses

NHS Shared Business Services Limited

Three Cherry Trees Lane

Hemel Hempstead

HP2 7AH

Contact

Katie Felkin

Email

nsbs.digital@nhs.net

Country

United Kingdom

Region code

UK - United Kingdom

Companies House

05280446

Internet address(es)

Main address

https://www.sbs.nhs.uk/

Buyer's address

https://www.sbs.nhs.uk/proc-digital-it-frameworks

one.3) Communication

The procurement documents are available for unrestricted and full direct access, free of charge, at

https://www.sbs.nhs.uk/nhs-sbs-about-us

Additional information can be obtained from the above-mentioned address

one.4) Type of the contracting authority

Other type

Public Sector Framework Provider https://www.sbs.nhs.uk/nhs-sbs-about-us

one.5) Main activity

Health


Section two: Object

two.1) Scope of the procurement

two.1.1) Title

CYBER SECURITY SERVICES (10505)

Reference number

10505

two.1.2) Main CPV code

  • 72000000 - IT services: consulting, software development, Internet and support

two.1.3) Type of contract

Services

two.1.4) Short description

NHS Shared Business Services Limited (NHS SBS) act in an Agency capacity for and on behalf of its customers (Approved Organisations) - existing and new. These comprise of NHS and Social Care organisations (whether acting individually, or on behalf of, or together as members of any consortia) along with any other public or private sector bodies which NHS SBS authorises to use the resulting Framework.

NHS SBS intends to put in place a Framework Agreement for the provision of Cyber Security Services and related Goods and Services for Healthcare to be used by NHS SBS Approved Organisations. These include, but are not limited to Cyber Security Consultancy Services, Cyber Security Managed Solutions, Cyber Security Tools, Cyber Security Hardware, Cyber Security Medical/ Healthcare Specific Solutions and an all inclusive Cyber Security Combined Solutions Lot incorporating all Lots to offer the ability to award a supplier with a packaged solution under one contract.

Our Approved Organisation list can be found on:

https://sbs.nhs.uk/proc-framework-agreements-support

We are committed to working with suppliers who are dedicated to Sustainability and Social Value and there will be a significant weighting on these elements in the tender.

two.1.5) Estimated total value

Value excluding VAT: £125,000,000

two.1.6) Information about lots

This contract is divided into lots: Yes

The contracting authority reserves the right to award contracts combining the following lots or groups of lots:

The Lot structure is indicative at this stage and will be confirmed in any resultant Contract Notice.

two.2) Description

two.2.1) Title

Software Security Consultancy, Advice & Emergency Response Services

Lot No

1

two.2.2) Additional CPV code(s)

  • 72221000 - Business analysis consultancy services
  • 72222000 - Information systems or technology strategic review and planning services
  • 72590000 - Computer-related professional services

two.2.3) Place of performance

NUTS codes
  • UK - United Kingdom

two.2.4) Description of the procurement

Procurement of Consultancy and Advice services as well as Emergency Support in the event of a Cyber Security threat.

Consultancy and Advice will be contracted through this Lot for services like, but not limited to; a need for Additional Cyber Security professional resource or technical guidance or advice, testing services or reactive support or advice in the event of a Cyber threat/ attack.

Lots may be further defined following the outcome of this PIN. The new framework, subject to review and change, is expected to go live shortly after the existing framework SBS/19/CW/ZMD/9348 expires on 11 May 2024

two.2) Description

two.2.1) Title

Software Security Managed Solutions

Lot No

2

two.2.2) Additional CPV code(s)

  • 72221000 - Business analysis consultancy services
  • 72222000 - Information systems or technology strategic review and planning services
  • 72590000 - Computer-related professional services

two.2.3) Place of performance

NUTS codes
  • UK - United Kingdom

two.2.4) Description of the procurement

Procurement of Cyber Security Managed Service solutions. Including, but not limited to, SOC as a managed service, managed SIEM solution and managed detection and response services

Lots may be further defined following the outcome of this PIN. The new framework, subject to review and change, is expected to go live shortly after the existing framework SBS/19/CW/ZMD/9348 expires on 11 May 2024

two.2) Description

two.2.1) Title

Cyber Security Software Solutions & Tools

Lot No

3

two.2.2) Additional CPV code(s)

  • 72221000 - Business analysis consultancy services
  • 72222000 - Information systems or technology strategic review and planning services
  • 72590000 - Computer-related professional services

two.2.3) Place of performance

NUTS codes
  • UK - United Kingdom

two.2.4) Description of the procurement

Procurement of Cyber Security Software and tooling solutions including but not limited to Anti-virus, Security Information and Event Management software, Extended detection, and response (XDR), Penetration testing, Network Packet sniffer Software, Web Vulnerability scanning, Encryption tools, Network monitoring tools.

Lots may be further defined following the outcome of this PIN. The new framework, subject to review and change, is expected to go live shortly after the existing framework SBS/19/CW/ZMD/9348 expires on 11 May 2024

two.2) Description

two.2.1) Title

Cyber Security related Hardware including Healthcare Specific Solutions

Lot No

4

two.2.2) Additional CPV code(s)

  • 72221000 - Business analysis consultancy services
  • 72222000 - Information systems or technology strategic review and planning services
  • 72590000 - Computer-related professional services

two.2.3) Place of performance

NUTS codes
  • UK - United Kingdom

two.2.4) Description of the procurement

Procurement of Capital Items relating to Cyber Security including but not limited to Firewalls, Proxy Servers, Cyber Security Hardware for the protection of medical devices.

Lots may be further defined following the outcome of this PIN. The new framework, subject to review and change, is expected to go live shortly after the existing framework SBS/19/CW/ZMD/9348 expires on 11 May 2024

two.2) Description

two.2.1) Title

Cyber Security Combined Solution (incorporating lots 1-4)

Lot No

5

two.2.2) Additional CPV code(s)

  • 72221000 - Business analysis consultancy services
  • 72222000 - Information systems or technology strategic review and planning services
  • 72590000 - Computer-related professional services

two.2.3) Place of performance

NUTS codes
  • UK - United Kingdom

two.2.4) Description of the procurement

For the award of a packaged solution incorporating the need of goods/ services that are covered in the scope of 2 or more lots in this Framework Agreement.

Lots may be further defined following the outcome of this PIN. The new framework, subject to review and change, is expected to go live shortly after the existing framework SBS/19/CW/ZMD/9348 expires on 11 May 2024

two.3) Estimated date of publication of contract notice

15 December 2023


Section four. Procedure

four.1) Description

four.1.8) Information about the Government Procurement Agreement (GPA)

The procurement is covered by the Government Procurement Agreement: Yes


Section six. Complementary information

six.3) Additional information

This Prior Information Notice (PIN) is to signal an intention to commence market engagement with those within the Cyber Security marketplace.

If you wish to participate please complete and return the RFI (Request for Information) that can be obtained by emailing nsbs.digital@nhs.net. Please return completed forms direct via e-mail to nsbs.digital@nhs.net by 5.00pm on Friday 4th August 2023. NHS Shared Business Services Limited (NHS SBS) reserves the right to withdraw this notice at any time. NHS SBS is not bound to accept any proposals submitted by Bidders and is not liable for any costs incurred as a result of Bidders engaging with this process. This early market engagement exercise does not guarantee that a Procurement will take place and NHS SBS reserves the right to defer from any Procurement entirely.

NHS SBS intends to hold market engagement sessions during July and August 2023 with industry experts and suppliers interested in potentially bidding for the resulting Framework, please note, we will not review any RFI's received following these dates.

The value in II.1.5 is an indicative value over 4 years from 11th May 2024.

The date in II.3) is the estimated date of publication, please monitor Find a Tender Service https://www.find-tender.service.gov.uk/Search for the publication of the relevant high value contract notice.