Call for tenders' details

Title:
Supporting Cybersecurity for Transport Sector Activities
Contracting authority:
European Union Agency for Network and Information Security (ENISA)
TED publication date:
06/03/2019
Time limit for receipt of tenders:
01/04/2019
Status:
Closed
Information
ENISA F-COD-19-T13
Supporting Cybersecurity for Transport Sector Activities
ENISA seeks to contract the services of a minimum of 2 and maximum of 5 service providers per lot which can provide support in the area of Cybersecurity for the Transport sector. The two main areas are: LOT 1 - Cybersecurity for the Maritime sector and LOT 2 - Cybersecurity for the RAILWAYS sector.The successful bidders should be able to demonstrate significant experience and skills in these areas, with emphasis on the aspects dealt with in the annual ENISA Work Programme.
Services
Open procedure
Closed
Checked
All lots
Framework agreement
Conditions for participation
As stated in the procurement documents
Selection criteria as stated in the procurement documents
Selection criteria as stated in the procurement documents
Selection criteria as stated in the procurement documents
Selection criteria as stated in the procurement documents
Milestones
06/03/2019 00:00
25/03/2019 23:59
26/03/2019 23:59
01/04/2019 18:00
02/04/2019 10:00
Lots
Lot number Title Description
Lot 1 Cybersecurity for the Maritime Sector We expect tenderers to have expertise and knowledge on the following topics:1) Policy and regulatory issues related to the resilience of critical infrastructures and services as well as Maritime cybersecurity at national, European and International (e.g. IMO) level;2) Network and information security of Maritime infrastructures and services;3) Working with maritime sector stakeholders/organisations such as, though not limited to, ports (including port authorities, port facilities, terminals etc.), shipping companies, vessel traffic services, national maritime authorities, classification societies etc.;4) Risk management practices/methodologies, regulations, standards, guidelines, good practices specific to the maritime sector (e.g. ISPS);5) ICS-SCADA security issues e.g. OT security, IT/OT convergence etc.;6) Essential service (transport sector) operations and security practices and knowledge of the regulatory framework e.g. NIS Directive, the GDPR etc.;7) CIIP and/or Maritime security good practice guidelines and standards e.g. ENISA good practice guides, IEC 62443, ISO 27001, ISO 27002, ISO 27019, BIMCO guidelines, NERC CIP standards, ANSI/ISA 99 etc.;8) Network and information security issues e.g. internet and web security, cryptography, testing, security management etc.;9) Infrastructure security and resilience and CIIP issues like Public Key Infrastructures (PKI) and core protocols e.g. BGP, DNS etc.
Lot 2 Cybersecurity for the Railways Sector We expect tenderers to have expertise and knowledge on the following topics:1) Ecosystems of Rail sector namely of the operators of essential services (as described in Annex II) of the NIS Directive: railway undertakings and infrastructure managers;2) Rail security issues e.g. OT security, IT/OT convergence, etc.;3) Policy and regulatory issues related to the resilience of critical infrastructures and services as well as Railway cybersecurity at national and/or European level;4) Essential service (transport sector) operations and security practices and knowledge of the regulatory framework e.g. NIS Directive, the GDPR, the EU Mobility Packages;5) CIIP good practice guidelines and standards e.g. ENISA good practice guides, Shift2Rail activities, CEN CENELEC SC9X, ETSI TC CYBER, Directives on Safety and Interoperability for Rail etc.;6) Network and information security of Railway infrastructures and services;7) Policy and regulatory issues related to the resilience of critical infrastructures and services as well as Railway cybersecurity policies at national and/or European level;8) Network and information security issues e.g. internet and web security, cryptography, testing, security management etc.;9) Infrastructure security and resilience and CIIP issues like Public Key Infrastructures (PKI) and core protocols e.g. BGP, DNS etc.;10) Internet operations in network and security management for large network providers and Internet Exchange Points.
Notices
Reference Notice type Publication date
2019/S 046-104543 Contract notice 06/03/2019 00:00