Departments retain defence and security firms for ‘cyber incident response’

Written by Sam Trendall on 14 March 2022 in News

Commercial documents show Cabinet Office and Home Office have signed deals for firms to provide on-demand support

Credit: CoolVid-Shows/Pixabay

Two of government’s major departments have signed retainers with commercial partners to provide on-demand support in responding to “cyber incidents”.

On 2 March, the Cabinet Office entered into a one-year contract with BAE Systems. The deal, which offers the option of a 12-month extension, will be worth at least £50,000 to the global defence contractor, according to recently release commercial information. 

The contract notice indicated that the department is “seeking a commercial partner to provide retained on-demand access to cyber incident response expertise”.

More newly published commercial documents reveal that the Home Office has also agreed a similar engagement, through which an external company – in this case Deloitte – will be available to support its response to cyberattacks and other threats.

Related content

The deal, described as a “cyber incident response retainer”, will see personnel from the professional services firm deployed on demand to assist in the department’s handling of security issues. In doing so, they will work alongside Home Office officials and in support of internal security resources.

“This contract supports the HO Security Operations Centre (CSOC),” the contract-award notice said. “The CSOC provides the core capability of protective monitoring for all Home Office networks and responding to all cybersecurity threats. The Cyber Incident Response Retainer contract ensures that appropriate support can be efficiently and effectively deployed to augment the CSOC as required.”

The contract will be worth £700,333 over its three-year term. Despite only being published last week, the deal came into effect in late 2020. It is due to run until 1 November 2023.

The recently published Government Cyber Security Strategy set out plans for protecting public-sector organisations against attacks and included a target that all public bodies will “resilient to known vulnerabilities and attack methods no later than 2030”.

The policy paper sets out a two-pronged approach to driving improvements cybersecurity, with the first being to ensure that “government organisations have the right structures, mechanisms, tools and support in place to manage their cybersecurity risks”.

“The second is to ‘defend as one’,” according to the strategy document. “Recognising that the scale and pace of the threat demands a more comprehensive and joined up response, government will harness the value of sharing cyber security data, expertise and capabilities across its organisations to present a defensive force disproportionately more powerful than the sum of its parts.”


Minister for the Cabinet Office Michael Ellis will be providing an exclusive insight into the Government Cyber Security Strategy when he delivers the opening keynote presentation at the PublicTechnology Cyber Security Summit. The CPD-certified event – which is free-to-attend for public sector employees – takes place at London's Business Design Centre on 29 March and will include a range of exclusive presentations, include Alex Harris, head of NHS and social care cyber risk at NHSX who will discuss the challenges of protecting patients and clinicians: from WannaCry through to Covid.

Find out more and register



About the author

Sam Trendall is editor of PublicTechnology. He can be reached on

Share this page




Please login to post a comment or register for a free account.

Related Articles

EXCL: Government red team security unit to test departmental defences with hostile reconnaissance
2 December 2022

Specialist supplier will support in searching – and then attempting to take advantage of – ‘vulnerabilities and exploitable information’

CCS deploys phishing simulation to help find security weak spots
18 November 2022

Procurement agency invests in security tool

HMRC warns over social media fraudsters
1 November 2022

Tax agency urges citizens to be on the lookout for scammers using online platforms

Government does ‘not expect public-service disruption’ over UKCloud insolvency
28 October 2022

Public sector hosting provider has suspended itself from frameworks after being placed in compulsory liquidation