CGIAR seeks to identify a qualified Managed Security Service Provider (MSSP) that can deliver Network Security Monitoring and Incident Response Services, ensuring security for our main offices and public cloud providers. The Provider should be able to support, at minimum, the following services: Security Event Monitoring 24/7/365, Incident Response to promptly react to any malicious/unexpected activity in any center/OSU (Operations Support Unit), Forensic Analysis to respond to critical incidents, periodic Vulnerability Assessment (VA) to evaluate and report on external surface the vulnerabilities across centers/OSU and provision of Threat Intelligence services to proactively safeguard the information assets of centers/OSU.

CGIAR, the world’s largest publicly-funded agricultural research network, operating as thirteen independent legal entities (Centers), and collectively home to more than 9,000 scientists, researchers, technicians, and staff working in over 80 countries, seeks a MSSP that can deliver the following essential services to CGIAR:

• Network Security Monitoring and Incident Response Services, ensuring security for our main offices and public cloud providers. The goal is to have at least:
  • Security Event Monitoring and detection 24/7/365.
  • Incident Response to promptly react to any malicious/unexpected activity in any center/entity according to the severity and complexity of the incident.
  • Forensic analysis during the eradication phase for critical incidents.
• Periodic Vulnerability Assessment (VA) to evaluate and report on external surface the vulnerabilities across centers/OSU.
• Provision of Threat Intelligence services to proactively safeguard the information assets of centers/OSU.

The aim of this effort is to set up a system where all CGIAR’s cyber security layers are monitored for attacks or malicious activity, and all cyber security events are addressed quickly and effectively by trained, responsible, and accountable professionals.

The initial term of any contract awarded as a result of this RFP is anticipated to be two-years (2) with the option to renew subject to supplier performance review and market analysis.

Interested and qualified firms are invited to review the RFP document including all annexes and submit their letter of intent -LOI (template provided) by March 10, 2024. A mandatory bidders conference is scheduled on March 15, and the calendar invitation will only be extended to firms who will have submitted their LOI.

All proposals must be received by April 22, 2024. Only electronically submitted proposals will be considered. Late proposals will not be accepted.