Revealed: Cabinet Office signed deal last month for ‘immediate cyber incident response’

Written by Sam Trendall on 24 March 2022 in News

Department directly awarded short-term deal to PwC but indicates there was no specific threat

Credit: Howard Lake/CC BY-SA 2.0

The Cabinet Office took swift action last month to sign a deal with a supplier to provide “immediate cyber incident response”.

On 11 February, the department directly awarded a deal to PwC. The contract, which was worth £4,000 to the consulting firm, came into effect the same day and lasted for a month.

A newly published procurement notice states that the deal was awarded as the “Cabinet office seeks an immediate cyber incident response service”.

The text of the contract itself reveals that the department required incident response services to be delivered “in line with the methodologies approved under the National Cyber Security Centre Cyber Incident Response scheme”.

Related content

In addition to response services, PwC was contracted to provide a range of other offerings, including: “digital forensics analysis and investigation; incident remediation; post-incident reviews; [and] forensic and incident-readiness reviews”.

The commercial document added that, while services will be provided remotely for the most part, “there may be a need for site visits” – although details of the office in question were redacted.

The deal was awarded via the third lot of the G-Cloud 12 framework, which covers cloud support services.

PublicTechnology asked the Cabinet Office for more information, including the cause of any incident, any remedial action taken, and whether personal data had been potentially breached and it the Information Commissioner's Office had been notified. The department indicated that it would not comment on security issues, but did claim that the PwC contract did not relate to a specific threat.

About two-thirds of the way through the PwC engagement, the Cabinet Office signed a one-year deal with defence contractor BAE Systems. The £50,000 contract, which came into effect on 2 March, was awarded as the department was “seeking a commercial partner to provide retained on-demand access to cyber incident response expertise”.



Minister for the Cabinet Office Michael Ellis will be providing an exclusive insight into the Government Cyber Security Strategy when he delivers the opening keynote presentation at the PublicTechnology Cyber Security Summit next week. The CPD-certified event – which is free-to-attend for public sector employees – takes place at London's Business Design Centre on 29 March and will include a range of exclusive presentations, include Alex Harris, head of NHS and social care cyber risk at NHSX who will discuss the challenges of protecting patients and clinicians: from WannaCry through to Covid.

Find out more and register



About the author

Sam Trendall is editor of PublicTechnology. He can be reached on

Share this page




Please login to post a comment or register for a free account.

Related Articles

EXCL: Government red team security unit to test departmental defences with hostile reconnaissance
2 December 2022

Specialist supplier will support in searching – and then attempting to take advantage of – ‘vulnerabilities and exploitable information’

CCS deploys phishing simulation to help find security weak spots
18 November 2022

Procurement agency invests in security tool

HMRC warns over social media fraudsters
1 November 2022

Tax agency urges citizens to be on the lookout for scammers using online platforms

Government does ‘not expect public-service disruption’ over UKCloud insolvency
28 October 2022

Public sector hosting provider has suspended itself from frameworks after being placed in compulsory liquidation