Closed

Cyber Remedial Work

Tender ID: 567992


Tender Details

Organisation:
Tender #:
DM-25834  
Status:
Closed
Publish Date:
23 September 2024
Closing Date:
6 October 2024

Tender Description

This Tender is invited by the Issuer.

The Commission is seeking a quotation for services to address cyber security practices, controls and policies. The scope of work is aligned with the Essential Eight strategies from the Protective Security Policy Framework (PSPF). Below are the specific tasks that need to be addressed:

1. Application Control

  • Reviews of application control ruleset.
  • Update the existing Cyber Security Incident Policy to reflect a broader range of incidents to report to the ASD.

2. Patch Applications

  • Ensure patches, updates, or other mitigations for vulnerabilities in office productivity suites, web browsers, email clients, PDF software, and security products are applied within two weeks of release.
  • Ensure patches, updates, or other mitigations for vulnerabilities in other products are applied within one month of release.
  • Develop a process to review vulnerability using current tools.

3. Restrict Administrator Privileges

  • Develop a process for reviewing all privileged user accounts, ensuring account permissions have been appropriately assigned.
  • Technically assist in restricting privileged accounts from accessing the internet and associated mailboxes, unless exclusively necessary to conduct required duties.
  • Develop a process for reviewing all privileged access across systems, applications, and data repositories annually.
  • Ensure privileged accounts are automatically disabled after 45 days of inactivity.

4. Microsoft Office Macros

  • Implement a process for restricting macros.

5. Multi-factor Authentication (MFA)

  • Review and advise on MFA across all accounts on MacBooks and third-party services.
  • Implement phishing-resistant MFA for authentication across all systems and services.

6. Patch Operating Systems

  • Review of operating system patches and associated workstation patch compliance.
  • Conduct a review of patches not being applied within a month of release and implement any controls to improve patching.

7. User Application Hardening

  • Review the implementation of ASR (such as blocking of IE11, MS Office) rules via Intune.
  • Apply a trusted ad-blocking extension rolled out for all web browsers.
  • Implement central logging for command line process creation, PowerShell (module logging, script block logging, transcription events).
  • Review and implement hardening guidance for Adobe Reader.

8. Regular Backups

  • Review and update the Commission’s Backup Restoration Test Process.
  • Review and update the Commission’s BCP and DRP to include the recovery of systems and services not covered in an SLA with a third party.

Estimated start date: Monday, 14 October 2024

Initial contract duration: 2 months

Extension term: 1 month

Number of extensions: 1

Location of work: ACT, VIC, Offsite


Location