DBS seeks a CREST accredited Security Operations Centre service to protect its modern SaaS-based applications, ensuring compliance with NCSC guidelines and maintaining 24/7 operations.
DBS is progressing a major transformation of its legacy IT estate, moving to modern, Software-as-a-Service (SaaS)–based applications. As part of this transformation, DBS intends to procure a modern, CREST accredited Security Operations Centre (SOC) Service to protect and monitor its next-generation estate. The SOC will be implemented on the next generation estate only, there is no requirement for SOC services on the legacy estate which is mainly greenfield and as such there is no history of security logs, events or incidents for the applications in scope. It will include multiple SaaS-based services, a data integration platform, connection to third-party services (which may provide log feeds), and potentially other IaaS/PaaS cloud based services, for which the service shall be capable of onboarding and monitoring. Multiple third parties work with the Buyer to deliver technology and business services and have access to the Buyer's information and systems. End point, network and other supporting services (email and productivity tools for example) are provided to the Buyer and monitored by the Home Office and as such are out of scope of the SOC Service; DBS holds information that is highly sensitive and must not be subject to compromise. It depends on real-time, accurate transactions, any compromise to the integrity of such data could lead to significant losses; DBS collects, stores and manages Personal Data (including sensitive Personal Data); and DBS services provide evidence to legal bodies that require full audit and visibility of data creation, manipulation and access as part of legislative and regulatory requirements. DBS require a supplier to design, build and maintain the SOC that is compliant with / aligned to the NCSC guide on building a SOC encompassing: the operating model; onboarding; detection; threat intelligence; and Security Incident response and management. The SOC must be available and operate 24 hours a day, 7 days a week (at all times). More information about DBS and its operations can be found at: Disclosure and Barring Service - GOV.UK (www.gov.uk).