The NSW Government, via a Request for Expression of Interest (EOI), is seeking input from industry to assess the viability of establishing an All-of-Government Software Purchasing Arrangement (SPA) for cyber security software and associated services. This procurement aims to streamline and enhance the state’s cyber security capabilities, ensuring government agencies can efficiently procure high-quality security solutions while improving cost-effectiveness and risk management.

The SPA will be established through a two-stage procurement process, with this EOI forming a critical part of Stage 1. The Department of Customer Service (DCS) is gathering market feedback on a proposed multi-tier commercial framework that would engage original equipment manufacturers (OEMs) and channel partners under a structured purchasing arrangement. The responses received will help refine the SPA’s scope, commercial structure, and procurement framework for the second stage of the process.

The scope of the EOI covers cyber security software products and associated professional services.

Suppliers must offer at least one of the 12 defined cyber security software categories:

• Application Security – Protection against software vulnerabilities and attacks
• Business Continuity and Disaster Recovery – Ensuring resilience against cyber incidents
• Cloud Security – Safeguarding cloud environments from threats
• Compliance and Audit – Managing regulatory and compliance risks
• Data Security – Protecting sensitive and critical data
• Emerging Technologies in Cybersecurity – Advanced solutions leveraging AI and automation
• Endpoint Security – Protection of devices such as laptops and mobile phones
• Identity and Access Management (IAM) – Secure authentication and user access controls
• Network Security – Safeguarding communication networks from cyber threats
• Security Awareness and Training – Educating users on cyber risk mitigation
• Security Operations – Threat detection, response, and incident management solutions
• Strategic and Governance – Cyber security frameworks and risk management

Additionally, suppliers offering professional services may provide:

• Extended Support Services – Ongoing maintenance and troubleshooting
• Implementation Services – Deployment and configuration of security solutions
• Operational Support Services – Day-to-day security operations management
• Business Change Management – Integration of security measures into business processes

DCS is specifically seeking input from suppliers that can provide cyber security software products, either alone or with professional services. However, suppliers that only offer professional services without software solutions are not the focus of this EOI.

An online pre-response briefing will be held on the 20^th of February 2025.

The closing time and date for responses will remain open until the 2^nd of April 2025. 

If you are after further advice on this topic or any tender opportunity, feel free to contact us. You can also subscribe to this newsletter for regular weekly updates.