DWP to automate antiquated threat detection system that relies on Excel spreadsheets

Spread the love

The UK government’s Department for Work and Pensions is planning to update its antiquated threat detection model The updates are a part of an Adaptive Security Programme (ASP) focused on improving security controls across the department’s digital services, “to reduce the residual risks associated with a cyberattack,” states the tender document, posted on the government’s digital marketplace today.

DWP cybersecurity: a move to automate department threat detection system

DWP is looking for a partner to improve and manage security controls across the department The government department purchased a Security Operations Platform from ServiceNow in January 2022 and is planning on extending this via a new vulnerability response (VR) module. 

This should allow the DWP to conduct automated and system-driven monitoring and mitigation for software vulnerabilities, which will considerably improve its vulnerability management capabilities.

The department currently operates its own vulnerability management, scanning for its own vulnerabilities and sharing data sets manually, the notice reveals. 

“Currently, vulnerability management and mitigation is discharged Vulnerability data, asset and service mapping is “largely manual, and significant time is spent” understanding the department’s risk landscape, continues the document. This has been further complicated due to the DWP’s hybrid working model. “Significant time is spent to arrive at a position where identified vulnerabilities are understood in the context of our hybrid IT Estate,” it says.

Content from our partners

Fashion brands must seek digital solutions that understand the sector’s unique needs

Banks must better balance compliance with customer outreach

<img width="464" height="282" class="c-sponsored-article__img the-global-title" src="×282.webp" alt="How one manufacturer transformed data capabilities The one-year contract will begin immediately. The value has not been disclosed, but Tech Monitor has contacted DWP for further details

DWP’s digital transformation continues

The move to bolster cybersecurity systems used The plan is expected to save £3.5bn over the next 30 years with £80–90m being realised from 2028/2029, the DWP says.

The security update will be in line with advice published Interested parties have until 30 March to find out more details about the contract. The deadline for submitting tenders is 6 April.

Read more: Does the UK need a cybersecurity regulator?