The Ministry of Defence (MoD) has indicated a shift in its procurement strategy for cyber vulnerability investigations (CVIs) for the armed forces.
It has begun to look for CVIs – which analyse digital systems and platforms to understand where they may be vulnerable – as a service with separate procurement notices for the air, land and maritime domains (essentially the Air Force, Army and Navy).
CVIs have been run for the armed forces since 2014, based on a methodology developed by the Defence Science and Technology Laboratory, and a CVI Ops Cell was set up within the MoD in 2017 to deliver a 10-year programme of the investigations.
Until now they have been purchased individually or in packages – a ‘tranche based’ approach – but the procurement notices say this has limited the forces’ agility in responding to changing demands around operations and threats.
Subsequently, the MoD is now looking to establish an ‘as a service’ approach under which suppliers can be called on to deliver the work for the CVI Ops Cell. The business has been valued at up to £9 million over a year for each of the three domains.
The ministry also indicated that it is planning a further procurement for a service for CVIs that cover all three domains.
Image from iStock, Henrik Jonsson