Treasury Administration Procuring Cyber Protection System Worth EUR 1.6 Million – Tender for Supplier in Progress

The Treasury Administration of the Ministry of Finance has opened the public invitation for the protection of the system from cyber attacks.

According to the tender, the subject of the procurement is a solution for a multivector protection of the system from cyber attacks by protecting working stations, servers and email channels.

The documentation says that the total offered price of the procurement may not exceed the amount of RSD 160,000,000 without the VAT, that is, RSD 192,000,000 (around EUR 1.6 million) with the VAT on an annual level.

The preparation and the implementation of the system will be split into two phases, and the completion deadline for both is December 26, 2022.

The solution for the multivector protection of the system from cyber attacks through the protection of working stations, servers and email channels should enable the most efficient form of system protection, considering that over 90% of attacks begin through the email channel, and the first step of the attack is made at the working station. The multivector solution also needs to enable additional protection by connecting and exchanging information between the two subsystems – email protection and working station and server protection. If a threat is recognized within the email channel protection solution, a technical description of that threat (IoC/Indication of Compromise) should be moved, through the shared management system, to the solution for the protection of working stations, which, based on that information, will be able to recognize such threats and their elements, the documentation adds.

The multivector solution should protect the information system as a whole, from various phases of the attack (according to the Lockheed Martin Cyber Kill Chain classification, which is most frequently used in practice) – from the delivery of the malicious content, the exploitation, which is usually done through the mail channel and on the working stations, to the further phases, of which the most critical ones are the potential taking of control and exfiltration of the data, it is clarified.

The full solution for the multivector protection of the system from cyber attacks through the protection of working stations, servers and email channels needs to be implemented and integrated with the ICT system under the turnkey system.

The supply of the solutions needs to include technical support from the supplier, in addition to the producer’s support.

Bids may be sent by August 22.

Ministarstvo finansija Republike Srbije

Uprava za trezor Republike Srbije

protection of system from cyber attacks

purchase of cyber protection system

multivector protection

working station protection

server protection

email protection