This public procurement (supply, installation, and implementation) will be co-financed from the Integrated Regional Operational Program 2021-2027 within the framework of call no. 4 Cybersecurity – SC 1.1 (PR), priority 1 Improving Public Administration Performance, specific objective 1.1 Utilizing the Benefits of Digitalization for Citizens, Businesses, Research Institutions, and Public Authorities (project: “Ensuring Cybersecurity of Assets (Information Systems) of the Statutory City of Mladá Boleslav”, reg. no. CZ.06.01.01/00/22_004/0000053). The main goal of the project is to enhance the cybersecurity of assets belonging to the Statutory City of Mladá Boleslav, including its information systems and the information managed within them.
The technical specification of the subject of the public procurement describes the technical requirements for delivery of a system to support continuous risk analysis, which will record all assets, identify risks, and propose appropriate measures to reduce detected risks. The resulting solution will serve as a tool for cybersecurity managers or persons designated for managing cybersecurity, including the possibility of involving key users and asset owners. We demand the delivery of a comprehensive ISMS tool that, based on identified assets, will automatically evaluate risks and potential vulnerabilities. It will assess individual risks, but also implement and manage appropriate security measures for their mitigation and reduction. The delivered solution must be regularly updated to meet the requirements of cybersecurity and the NIS2 directive. The supplied tool must allow for the import of data from already conducted asset assessment analyses according to the fulfillment of cybersecurity requirements for the regulated service provider under lower obligations. At the same time, it must enable connectivity with operated technologies that can provide the tool with sources of potential risks.
The subject of the public procurement is divided into 3 parts in accordance with the provisions of § 35 of the Act, namely:
PART 1: SIEM
Detailed technical specifications are further specified in Attachment no. 1a_SIEM.
PART 2: Endpoint Protection including EDR, SAM/ITAM
Detailed technical specifications are further specified in Attachment no. 1b1_Advanced Endpoint Protection including protection of virtualization platforms and EDR and Attachment no. 1b2 SAM ITAM.
PART 3: Cybersecurity Asset Management and Security Event Logging
Detailed technical specifications are further specified in Attachment no. 1c_Cybersecurity Asset Management and Security Event Logging.
Offers can be submitted for one or more parts. The offer must be submitted for each part separately.
The supplier must meet and fully and unconditionally reflect all requirements set by the contracting authority in Attachment no. 1 (a, b, c) of the tender documentation – Technical Specification.
The offered solution must include all specified individual items listed in Attachment no. 1 (a, b, c) – Technical Specification. The offer must also include a description of the delivery offered by the supplier, which will contain a description of the provided solution in accordance with the requirements of the contracting authority.
LOT-0001
PART 1: SIEM.
PART 1: SIEM
Detailed technical specifications are further specified in Attachment no. 1a_SIEM.
LOT-0002
PART 2: Endpoint Protection including EDR, SAM/ITAM.
PART 2: Endpoint Protection including EDR, SAM/ITAM
Detailed technical specifications are further specified in Attachment no. 1b1_Advanced Endpoint Protection including protection of virtualization platforms and EDR and Attachment no. 1b2 SAM ITAM.
LOT-0003
PART 3: Cybersecurity Asset Management and Security Event Logging.
PART 3: Cybersecurity Asset Management and Security Event Logging
Detailed technical specifications are further specified in Attachment no. 1c_Cybersecurity Asset Management and Security Event Logging.