Keep your organisation running safely

The public sector will continue to be a target for cyber attacks, given its assets and position. We can help you protect against increasing and complex attacks with the right cyber security solutions.

Our Cyber Security Services 3 Dynamic Purchasing System (DPS) offers you access to a wide range of services to help you manage and improve your security function.

Our services can help you follow the steps of the National Institute of Standards and Technology (NIST) cyber security framework to safeguard your organisation – identify, protect, detect, respond and recover.

What are the benefits of Cyber Security Services 3?

  • Assured service providers

    Developed in partnership with the National Cyber Security Centre (NCSC), our agreement is the only compliant way to access NCSC-assured service providers. This means that the supplier has met the NCSC’s standards and has a clear understanding of current and potential cyber threats and techniques, as well as potential effective mitigations. You can also access suppliers who are not NCSC-assured, but hold alternative cyber security credentials.

  • Experts on buying cyber security services

    Whether you’re looking to transform your security function or address the increasingly complex threat landscape, we’re here to help you. Our cyber security experts will give you advice and support to empower you to make smart buying decisions for your organisation’s needs.

  • Flexible and agile procurement options

    We make it easy for you to select a cyber security service – simply fill out your requirements and our suppliers will tell you how they can help you. You can filter by service and assurance type on the DPS, and quality and price assessment can be tailored to your needs.

  • Competitive pricing

    The further competition process and wide range of suppliers means we can offer you competitive pricing, so you know you’re getting value for money on essential cyber security services.

We were looking to deliver a security testing pilot to 10% of local authorities to understand the level of vulnerability within the sector. We wanted to work with an NCSC assured supplier, preferably with public sector experience, who could deliver the testing required within a short window to 30+ councils. The Cyber Security Services 3 DPS appealed to us as we were able to invite NCSC assured suppliers to bid and we also benefited from the flexibility offered by the agreement. Our experience has been very positive. CCS colleagues have consistently been on hand to help with queries and offer advice promptly.
Katie Owen
Advisor – Cyber Security, Local Government Association

What’s on offer?

Cyber consultancy and advice

Services include: strategy, transformation partners, risk assessment, risk management, security architecture, audit and review, training, policy development, security specialists, security supply chain analysis, and assessing compliance with regulatory and industry standards. Risk assessment and training should be carried out regularly to ensure your cyber security approach is up to date.

Penetration testing

Conduct an authorised test of either your computer networks or systems, to highlight any security weaknesses.

Authorised testing partners will use the same tools and techniques a potential attacker would use. They will report on any vulnerabilities and make recommendations for remediation. CHECK is the scheme under which NCSC-approved companies can conduct authorised penetration tests of public sector systems and networks. Companies on the CHECK scheme are available through the DPS. These companies’ use approved testing methodology, and their experienced testers hold NCSC approved qualifications, and security clearances.

Managed security services – coming end of September 2021

Remote monitoring or management of IT security functions. Services include: identity and access management,
managed detection and response, security device management, co-managed services, managed endpoint security and security command centres.

Incident management

Help and expertise in planning for, and responding to, a significant cyber attack. It is advised to have this service in place as part of your business continuity and disaster recovery plan, as it is too late once a cyber attack has occurred. Suppliers on NCSC’s Cyber Incident Response scheme which certifies companies that specifically deal with sophisticated, targeted attacks against networks of national significance are available through the DPS.

Data destruction and IT sanitation services

Secure erasure of sensitive data and disposal of IT media and assets using audited destruction procedures.

How to buy

You will need to run a further competition to buy through this agreement. The main steps are:

  1. register on the platform as a buyer and identify suppliers
  2. develop statement of requirements and tender documents
  3. filter suppliers for the services you need using the DPS
  4. undertake capability assessment of shortlisted suppliers (optional)
  5. send tender documents to suppliers
  6. evaluate tenders and award

Watch our step-by-step video on how to use the DPS. You can also read the script of the video.

Buyers selecting the NCSC-assured services have the confidence that they are buying a service that the NCSC, the UK National Technical Authority, have assessed and evaluated to be of a high quality, meeting our technical standards.
Chris Ensor
Deputy Director for Cyber Growth, NCSC

Knowledge is power - news, blogs, webinars and brochures

NCSC updates

View the latest news, threat reports and advisories from the NCSC.

Webinars (1 )

  1. Cyber Security Services 3

    Watch our webinar led by one of our experts to find out what you can buy and how to buy through the agreement.

    Access webinar

Digital Brochures (1 )

  1. Commercial agreements: autumn 2021 digital brochure

    Download our updated digital brochure for the latest information on our agreements and how we can help you add power to your procurement.

    Access autumn 2021 digital brochure

Got a question about this agreement?

Complete the form and our expert team will be in touch as soon as possible.

Please give us as much detail as possible.

For information about how we use your data, you can read our privacy notice. When you submit this form we will add you to our mailing list and send you our newsletters, or information about our products and services.

You will receive an email when you submit your details. You can unsubscribe using the link in the email.

Talk to us


CCS customer services team is available
Monday to Friday, 9am to 5pm.


Email:
info@crowncommercial.gov.uk

Telephone:
0345 410 2222