Invitation to Tender - Supply Chain International Best Practice Research Project

This project aims to examine how governments internationally are supporting organisations to develop their cyber resilience by addressing supply chain risks across the energy, chemicals and space sectors and what is considered best practice (voluntary and regulatory) in terms of measures implemented. This work will give us a better understanding of the supply chain cyber security measures taken globally. The intermediate and final outputs will be used to inform our nascent partnership building initiatives and ensure that we can support the development of any energy, chemicals and space sector cyber security supply chain policy, and feed in our views for any cross-government supply chain approaches in the UK context. Throughout the project the following objectives should be addressed and evidenced: • To understand how governments internationally are enabling or supporting organisations to develop their cyber resilience by addressing cyber security supply chain risks across the energy (including operational technology), chemicals and space sectors. • To learn what is considered best policy practice (voluntary and regulatory) in either energy (including operational technology), chemicals and space supply chain practice, and identify possible policy options for us. • Learn what is considered best policy practice (voluntary and regulatory) in cyber security supply chain practice, where it is transferrable to the energy sector (including operational technology), chemicals and space sector. • Identify cyber security supply chain partnership delivery models and identify their success factors and barriers. • To inform and improve the delivery of our proposed cyber security supply chain code of practice and partnership. The project stages shall be detailed in the subsequent Invitation to Tender (ITT) however broadly open-source research will be used to develop a comprehensive understanding of global cyber security supply chain measures in the energy, operational technology, chemicals and space sectors as well as exploring codes of practice / partnership within these sectors. The data gathered will then be analysed using qualitative and quantitative methods to produce the required outputs. The outputs will include a project report and recommendations, accompanying summary presentation, presentation for stakeholders, case studies on codes of practice / partnership and a database. BEIS will quality assure the outputs throughout the project and therefore, it may be necessary to make changes to deliverables based on this feedback.