The Department of Health, Disability and Ageing is preparing to consolidate its end-to-end cyber security operations into a single provider as part of a broader uplift program.

The department intends to unify frontline threat detection, orchestration and rapid response, moving away from a largely best-of-breed approach to procuring cyber capabilities over recent years.
After briefing the market on August 25, Health has now issued a request for tender for “planning, implementation, operation and continuous improvement” of its cyber security environment.
Using the National Institute of Standards and Technology (NIST) framework as a foundation, the department is seeking core capabilities such as a security operations centre (SOC) and security orchestration, automation and response (SOAR), alongside incident response and recovery.
The selected partner will also be responsible for managing Health’s existing toolset, including its Tenable-based vulnerability management across on-premises and cloud environments, Splunk-based security information and event management (SIEM) and Microsoft Defender.
To bolster its threat awareness, Health is additionally seeking security use cases informed by frameworks such as MITRE ATT&CK and the MaGMa use case framework, and integrated with cyber intelligence sharing feeds.
The refreshed approach follows Health’s recent appointment of Services Australia’s David Lang as its new cyber security leader.
At the time, Health told iTnews that Lang will continue rolling out Health’s “in-flight” cyber security uplift program.