Cybersecurity Framework Supplier

Deadline to apply is 02 December at noon.

Cybersecurity Framework Supplier (Public Contracts Scotland Reference Number: NOV542642)

Towards a National Collection is tendering for a Cybersecurity Framework supplier for the N-RICH Prototype project, a two-year initiative delivered in collaboration between the Towards a National Collection programme and AHRC, funded by UKRI.

The N-RICH Prototype will deliver targeted early-stage activities to reduce future investment risks. It will test the key elements and examine the scope, costs, risks, impacts and benefits of a future digital research infrastructure for cultural heritage in the UK. Core activities will include a Digitisation Capability Pilot, a Prototype infrastructure, and three cross-cutting frameworks on environment & sustainability, ethics, and cybersecurity.

We seek a supplier to design and deliver a Cybersecurity Framework that defines how cultural-heritage data and systems participating in the N-RICH Prototype can be protected, monitored, and recovered in the event of a breach.

The supplier’s work will:

• Identify and analyse sector-specific cyber threats-including ransomware, data scraping, IP theft, and cross-institution contagion risks.
• Develop a baseline security profile setting minimum technical and organisational controls for prototype integrations.
• Produce incident-response playbooks and run simulation exercises to test sector readiness.
• Design and demonstrate a small-scale Trusted Research Environment (TRES) mock-up to explore secure, non-consumptive access to sensitive or rights-restricted data.
• Recommend governance and risk-sharing models appropriate to a distributed infrastructure.
• Generate clear, scalable options for adoption in a full national infrastructure.

To access detailed information about this tender opportunity, please first register for free on the Public Contracts Scotland portal and then use the Open Tender link provided here.