Bank of England to outsource IT security

Resources and costs are the main drivers for project

The Bank of England wants external help with its IT security

The Bank of England wants to outsource elements of its IT security and is accelerating the search for a supplier due to the lack of in-house resources to run the systems 24/7 and a desire to reduce costs.

The contract for the operation of the bank's intrusion detection system (IDS) could last up to three years and may be worth up to £500,000.

Key elements of the service will include round-the-clock monitoring and reporting of the IDS system, as well as security analysis and risk management related to the bank's network and system configuration.

Due to the critical nature of the data managed by the bank, the winning bidder will be required to operate the service from UK-based operation centres and use staff cleared to high security check levels - the standard required for long-term, regular and uncontrolled access to secret information and sporadic and restricted access to confidential data.

Up to 10 security vendors could be invited to pitch for the contract and the process should be completed by mid-April.

The Bank of England said the accelerated tendering process was prompted by the need to start the migration to a managed service, which is intended to reduce costs.

"We currently undertake this specialist work with a combination of internal and external resources, which is not cost effective. We are already using an external contract resource to supplement internal staff in the delivery of the service," said a spokesman for the Bank.

The contract notice issued by the Bank states it requires an accelerated process "due to internal resource no longer in place to carry out the service 24/7."