Revealed: Cabinet Office signed deal last month for ‘immediate cyber incident response’

Written by Sam Trendall on 24 March 2022 in News

Department directly awarded short-term deal to PwC but indicates there was no specific threat

Credit: Howard Lake/CC BY-SA 2.0

The Cabinet Office took swift action last month to sign a deal with a supplier to provide “immediate cyber incident response”.

On 11 February, the department directly awarded a deal to PwC. The contract, which was worth £4,000 to the consulting firm, came into effect the same day and lasted for a month.

A newly published procurement notice states that the deal was awarded as the “Cabinet office seeks an immediate cyber incident response service”.

The text of the contract itself reveals that the department required incident response services to be delivered “in line with the methodologies approved under the National Cyber Security Centre Cyber Incident Response scheme”.

Related content

In addition to response services, PwC was contracted to provide a range of other offerings, including: “digital forensics analysis and investigation; incident remediation; post-incident reviews; [and] forensic and incident-readiness reviews”.

The commercial document added that, while services will be provided remotely for the most part, “there may be a need for site visits” – although details of the office in question were redacted.

The deal was awarded via the third lot of the G-Cloud 12 framework, which covers cloud support services.

PublicTechnology asked the Cabinet Office for more information, including the cause of any incident, any remedial action taken, and whether personal data had been potentially breached and it the Information Commissioner's Office had been notified. The department indicated that it would not comment on security issues, but did claim that the PwC contract did not relate to a specific threat.

About two-thirds of the way through the PwC engagement, the Cabinet Office signed a one-year deal with defence contractor BAE Systems. The £50,000 contract, which came into effect on 2 March, was awarded as the department was “seeking a commercial partner to provide retained on-demand access to cyber incident response expertise”.



Minister for the Cabinet Office Michael Ellis will be providing an exclusive insight into the Government Cyber Security Strategy when he delivers the opening keynote presentation at the PublicTechnology Cyber Security Summit next week. The CPD-certified event – which is free-to-attend for public sector employees – takes place at London's Business Design Centre on 29 March and will include a range of exclusive presentations, include Alex Harris, head of NHS and social care cyber risk at NHSX who will discuss the challenges of protecting patients and clinicians: from WannaCry through to Covid.

Find out more and register



About the author

Sam Trendall is editor of PublicTechnology. He can be reached on

Share this page




Please login to post a comment or register for a free account.

Related Articles

NCSC probes TikTok amid reports of imminent ban of government devices
16 March 2023

Security minister confirms intelligence agency is investigating the video app

‘Top Secret UK eyes only’ – MoD plots new infrastructure for highly classified information
20 February 2023

Facility in south-east England is likely to include private cloud and physical storage

DWP-led shared services group signs £1.4m consultancy deal to help shape ‘technical vision’
22 March 2023

Synergy cluster seeks input ahead of going to market

GDS taps online recruitment specialist in £50k deal
21 March 2023

Digital unit signs one-year contract for platform to match software developers with employers

Related Sponsored Articles

Digital transformation – a guide for local government
6 March 2023

Digital transformation will play a key role in the future of local government. David Bemrose, Head of Account Strategy for Local Government at Crown Commercial Service (CCS), introduces a new...