ESA Open Invitation to Tender: 1-10738
Open Date: 12/04/2021 10:14 GMT +3
Closing Date: 31/05/2021 13:00 GMT +3

The C-SOC shall be characterized by a distributed scalable synthetic platform, able to work in synergy with all ESA cyber existing facility, to provide security services, based on a prevention-driven cyber security solution, powered by the most advanced threat prevention solutions. C-SOC shall enable ESA to protect the assets and services, via a common approach and a comprehensive security posture.This would be achieved by applying a common cyber security risk identification, assessment and mitigation approach driven by continuous holistic threat monitoring, risk analysis and mapping across all ESA environments and systems, whether they are part of the space segment, ground segment, data distribution and exploitation services or corporate functions.In addition, C-SOC shall have the capability to coordinate and integrate the Corporate and Mission Critical Information Technology under a common Cyber Security Management framework, based on a holistic risk assessment of ESA’s assets, ensuring that all parties work toward a common Cyber Security goal.In addition, C-SOC shall have the capability to coordinate and integrates functionalities with the SCCoE the Security Cyber Centre of Excellence, which mission shall be to generate a scalable and customized platform to validate the security operational procedure and to qualify critical element against cyber-attack. Such an approach can enable global end-to-end visibility allowing full correlation, continuous improvement and adaptation to newly discovered threats and guarantee increased cyber resilience and business continuity across the Agency. The C-SOC shall work in coordination with all ESA IT/Cyber resilience infrastructure and in particular with the ESACERT and the Space Cyber Centre of Excellence (SCCoE) as part of a common security initiative for the provision of an advanced, centralized cybersecurity protection. This approach provides a deep end-to-end visibility allowing preventive and reactive protection of space and corporate systems against cyber threat and vulnerabilities.The C-SOC shall elaborate an overall security posture and will provide guidance for optimization and enhancement of the different ESA security entities.The following main high level functionalities are envisaged:- Preventive and reactive monitoring of corporate and mission critical network, asset and critical functions;- Distributed threat monitoring, vulnerability management and risk analysis;- Sensors and technology data collection capability: collecting and consolidating all the security-relevant data feeds distributed in different infrastructures;- Big Data Analysis and Processing;- Analytics: correlation and triage of the real-time data feeds, incorporating knowledge about ESA’s environment, threats, and vulnerabilities;- Alerting: escalating incidents to the service customers (e.g. ESACERT, NOC, EOP SOC) who have the operational authority to initiate the incident response in the affected organization or area;- Situational awareness and reporting: using cyber threat intelligence from a wide variety of sources, synthetizing and feeding back as threat intelligence, and comprehensive reporting on cyber security status and performance to SCCoE.

Estabilishment: ESTEC
ECOS Required: No
Classified: Yes
Price Range: > 500 KEURO
Contracts Officer: Elia Leone
Initiating Service: DG-X
IP Measure: N/A
Prog. Reference: E/0904-611 – GSTP Element 1 Dev
Tender Type: Open Competition
Open To Tenderers From: BE+DE+EE+FI+FR+GB+IT+RO
Technology Keywords: 9-B-I-Distributed and Decentralised Operations / 9-B-III-Operation Support Processes / 12-B-I-Advanced Ground Communication Networking Concepts / 12-B-II-Communication Network Technologies and Protocols
Products Keywords: 4-A-1-a-Workstations, video signal distribution systems, wall screens,… / 4-A-2-e-Engineering Support (GS S/W dev. and maintenance,…) / 4-A-3-a-Configuration management, FOP tools, On-board resource checker,… / 4-E-1-e-Other