The UK's Ministry of Justice is inviting bids for the creation of a single, centralized cybersecurity log collection and aggregation platform.
With a diverse digital estate and a wide variety of suppliers and technical systems, the MoJ is in need of a platform to enable log collection, aggregation, storage, analysis, and targeted forwarding capabilities.
Explaining the problem that bidders must solve, a spokesperson for the MoJ wrote: "The Ministry of Justice is currently constrained in its ability to understand the cybersecurity posture of its current estates due to security logs being held in multiple systems.
"In many cases these systems are hard to query. The team lacks a single, centralized store of logs that can be queried to help correlate cross-system attacks and track adversarial actors' behaviors."
Contractors are invited to submit bids featuring solutions that can be implemented within 12 weeks, with the potential for a 12-week extension. Bids submitted must fall within the allocated budget of £280,000 (excluding VAT).
Previously, the MoJ Security and Privacy team created a proposed architecture for the platform based on the Ministry’s Kubernetes cloud-hosting environment on Amazon Web Services and commonly used logging tools, such as Elasticsearch, Logstash and Kibana, or Elastic stack.
As this initial groundwork has already been approved by the technical authorities, bidders are advised to use it as the basis of their implementation.
To submit a bid, a contractor must have passed a Baseline Personnel Security Check (BPSS) as a minimum.
So far, the project has garnered interest from around 27 bidders. The winner will bring their work to life in London's Petty France and at various supplier locations.
The shout out for assistance in creating a centralized cybersecurity log collection and aggregation platform is part of an overall commitment by the MoJ to update its current cybersecurity capabilities.
The new project follows an invitation issued by the MoJ in August for a contractor to review and give guidance on the Ministry's current cybersecurity process.
Thirty applicants answered the call to provide internal staff, contractors, supply chain, and external partners with a coherent risk-balanced "stack" of policies, standards, guidelines, and procedures that supports the safe and secure functioning of the MoJ.