Call for tenders' details
Information
Tender reference number
ENISA F-COD-19-T13
Title
Supporting Cybersecurity for Transport Sector Activities
Description
ENISA seeks to contract the services of a minimum of 2 and maximum of 5 service providers per lot which can provide support in the area of Cybersecurity for the Transport sector. The two main areas are: LOT 1 - Cybersecurity for the Maritime sector and LOT 2 - Cybersecurity for the RAILWAYS sector.The successful bidders should be able to demonstrate significant experience and skills in these areas, with emphasis on the aspects dealt with in the annual ENISA Work Programme.
Contract type
Services
Procedure type
Open procedure
Status
Closed
Published on TED
Submission Method
Electronic
Tenders may be submitted
All lots
Maximum number of lots
Information about a public contract, a framework agreement or a dynamic purchasing system (DPS)
Framework agreement
Address of the buyer profile: (URL)
Conditions for participation
Suitability to pursue the professional activity, including requirements relating to enrolment on professional or trade registers
As stated in the procurement documents
Economic and financial standing - List and brief description of selection criteria
Selection criteria as stated in the procurement documents
Economic and financial standing- Minimum level(s) of standards possibly required
Selection criteria as stated in the procurement documents
Technical and professional ability - List and brief description of selection criteria
Selection criteria as stated in the procurement documents
Technical and professional ability - Minimum level(s) of standards possibly required
Selection criteria as stated in the procurement documents
Milestones
TED publication date
06/03/2019 00:00
Question deadline
25/03/2019 22:59 UTC+01:00
Answer deadline
26/03/2019 22:59 UTC+01:00
Time limit for receipt of tenders
01/04/2019 18:00
Conditions for opening tenders (date)
02/04/2019 10:00
Lots
Lot number
Title
Description
Lot 1
Cybersecurity for the Maritime Sector
We expect tenderers to have expertise and knowledge on the following topics:1) Policy and regulatory issues related to the resilience of critical infrastructures and services as well as Maritime cybersecurity at national, European and International (e.g. IMO) level;2) Network and information security of Maritime infrastructures and services;3) Working with maritime sector stakeholders/organisations such as, though not limited to, ports (including port authorities, port facilities, terminals etc.), shipping companies, vessel traffic services, national maritime authorities, classification societies etc.;4) Risk management practices/methodologies, regulations, standards, guidelines, good practices specific to the maritime sector (e.g. ISPS);5) ICS-SCADA security issues e.g. OT security, IT/OT convergence etc.;6) Essential service (transport sector) operations and security practices and knowledge of the regulatory framework e.g. NIS Directive, the GDPR etc.;7) CIIP and/or Maritime security good practice guidelines and standards e.g. ENISA good practice guides, IEC 62443, ISO 27001, ISO 27002, ISO 27019, BIMCO guidelines, NERC CIP standards, ANSI/ISA 99 etc.;8) Network and information security issues e.g. internet and web security, cryptography, testing, security management etc.;9) Infrastructure security and resilience and CIIP issues like Public Key Infrastructures (PKI) and core protocols e.g. BGP, DNS etc.
Lot 2
Cybersecurity for the Railways Sector
We expect tenderers to have expertise and knowledge on the following topics:1) Ecosystems of Rail sector namely of the operators of essential services (as described in Annex II) of the NIS Directive: railway undertakings and infrastructure managers;2) Rail security issues e.g. OT security, IT/OT convergence, etc.;3) Policy and regulatory issues related to the resilience of critical infrastructures and services as well as Railway cybersecurity at national and/or European level;4) Essential service (transport sector) operations and security practices and knowledge of the regulatory framework e.g. NIS Directive, the GDPR, the EU Mobility Packages;5) CIIP good practice guidelines and standards e.g. ENISA good practice guides, Shift2Rail activities, CEN CENELEC SC9X, ETSI TC CYBER, Directives on Safety and Interoperability for Rail etc.;6) Network and information security of Railway infrastructures and services;7) Policy and regulatory issues related to the resilience of critical infrastructures and services as well as Railway cybersecurity policies at national and/or European level;8) Network and information security issues e.g. internet and web security, cryptography, testing, security management etc.;9) Infrastructure security and resilience and CIIP issues like Public Key Infrastructures (PKI) and core protocols e.g. BGP, DNS etc.;10) Internet operations in network and security management for large network providers and Internet Exchange Points.
Notices
Reference
Notice type
Publication date
2019/S 046-104543
Contract notice
06/03/2019 00:00