Tendr: Cyber Threat Intelligence Reporting Services
Zadavatel: NATO HQ, Brussels
Kontrakt na max 5 let. Budget zhruba €150 tisíc ročně a víc.
Bezpečnostní prověrka není třeba
Background: the provision of a subscription-based Cyber Threat Intelligence Reporting Services to support the needs of NATO’s Cyber Threat Assessment Branch
Corporate objective: Acquire cyber threat intelligence reporting services from one vendor with extensive experience in the incident response and threat intelligence field.. The services will enhance NATO’s cyber threat situational awareness and supplement network defence NATO-wide, providing deep understanding and enhanced visibility of threat actor behaviours, ongoing campaigns and their severity in areas of significance to NATO.
Contracts objectives: Establish a contract for the provision of best-value subscription-based CTI reporting services that provide high-fidelity raw intelligence data and finished intelligence deliverables that will:
1. Provide in-depth analysis of cyber threat actor campaigns and operations, tactics, techniques and procedures (TTPs), motivation, intent, organizational alignments, clustering, technical and high-level shifts, evolutions and trends occurring on the threat landscape (e.g., changes in collection priorities, infrastructure and capabilities, etc.).
2. Supplement network telemetry by delivering technical IOCs and non-public artifacts for ingestion into existing cyber defence tools within the NATO enterprise, widen threat landscape coverage inside the network perimeter, and provide opportunities for threat enrichment and cross-correlation with internal feeds and data in the context of incident investigation or defence fine-tuning.
3. Contextualize and enrich cyber threat actor campaigns and operations with telemetry, knowledgebase and expert analysis, enabling NATO cyber threat intelligence analysts to obtain a granular understanding of threat actor campaigns on the tactical and operational level, assess severity, track patterns and evolutions pertaining to behaviours, infrastructure or capabilities, understand operational lifecycles and reveal campaign scope and depth. This knowledgebase will allow NATO cyber threat intelligence analysts to generate predictive insights about threats to NATO networks, and to forecast future trend lines regarding relevant threat actors’ behaviours and activities.
4. Complement existing CTI services with additional sectoral- and vertical-specific finished intelligence reporting and data relevant to NATO, mission assurance, Allies, Partners and other areas of significance.
5. Outputs will be used to inform and advise a variety of technical and non-technical audiences.
Management objective: Allow the Contractor the maximum flexibility to innovatively manage its corporate resources, expertise, and subcontracts (if any) so as to provide a high-value contribution in support to the NATO’s corporate and contract objectives within existing constraints and a proper service management framework.
Requirements – personnel and resources: Contractor personnel is not required to access NATO classified information, or to conduct activities on NATO classified networks or the NATO HQ site. The Contractor’s personnel in direct contact with NATO staff or NATO stakeholders must meet the following requirements:
Be nationals of a NATO member country;
Be proficient in English equivalent to or higher than NATO Standardized Level Profile 3, 3, 3, 3 (e.g. listening, speaking, reading, and writing skills must be good) set in NATO STANAG 6001;
Have good writing, communication and presentation skills, as well as sufficient understanding of international affairs and issues of relevance to NATO.