BT PLC

BT Cloud SIEM and SOC Services

Our Cloud based Security Incident and Event Monitoring (SIEM) service monitors log feeds from across a customer’s network and generates alerts for any potential incident on a near-real time basis.

Features

• Incident prevention, detection, response and reporting through 24/7 SOC
• Cloud SIEM, threat Intelligence, log management, security analytics options
• Industry standard incident investigation framework, meeting audit and compliance needs
• Centralised incident management providing integrated business context through data gathered
• SOC measurement and reporting with KPIs, dashboards and automated reports
• Scalable, on-demand, cloud-based solution, flexible options meeting ad-hoc EPS requirements
• In-scope security visibility and awareness through single pane of glass
• 24x7x365 security information and event management from highly trained team
• Cloud SIEM platform for security log/events collection, correlation and monitoring
• Protective Monitoring meeting compliance needs including NIST and GPG13 guidelines

Benefits

• Quickly detect and respond to potential high impact cyber attacks
• Prioritise incidents that pose the biggest risk to your organisation
• Manage incident management as a consistent and predictable business process
• Reduces implementation and delivery risks through proven, assured services
• Move from Capex to flexible operational expenditure based cost model
• Tackle your security skills challenge by using our experienced people
• Deploy effective SOC and SIEM capability more quickly and flexibly
• Standards compliance including ISO27001:2013, Cyber Essentials Plus
• Enables cost effective security management with risk visibility and insight
• Business confidence and security assurance in your move to cloud

£6,275.00 an instance

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ccsframeworks@bt.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

317311655491752

Contact

Frameworks Team
0800 3288077
ccsframeworks@bt.com

Service scope

• Service constraints: Cloud SIEM can be purchased and used independently of any other services, however if log management above 92 days are required then this will be discussed separately.
• System requirements:
  • Ability to host a virtual (preferred) or physical Sentry
  • Ability to send logs via a supported communication method
  • Network connectivity and firewall rules to support log gathering
  • Connection back to BT DC's on port TCP/443

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times from the point at which an incident is recognised to being assigned to an analyst depend on the severity and range from up to 30 mins (Critical) to 2 hours (Low). Time to communicate to the customer from incident assignment range from up to 45 mins to 8 hours depending upon the severity.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Customers will be provided with a helpdesk number which is the point of contact for any business issues or escalations and a named Service Optimisation Manager who would provide support on using the portal and analysis on the volume of alerts and tuning of their use cases and rules.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Customers will be provided with on boarding training on using the portal and important information on the service.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Retained logs (up to purchased log retention period) can be exported at customer expense.
• End-of-contract process: Optional customer log export followed by removal of customer accounts, data and logs from service.

Using the service

• Web browser interface: Yes
• Using the web interface: Users can personalise dashboard widgets, run one off reports, set up scheduled reports, view alerts, etc.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Accessible through web browser via the internet and BT service portal.
• Web interface accessibility testing: N/A
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Capacity management tools are in place to protect each customer's service from excessive traffic
• Usage notifications: No

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Network
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Other
• Other data at rest protection approach: BT uses Amazon S3, AES-256 using AWS KMS (Key Management Service)
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • The customers logs
  • The customers offenses
• Backup controls: Supplier controls the whole backup schedule.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: BT use TLS and IPSec; AWS data terms at following link https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf

Availability and resilience

• Guaranteed availability: ≥ 99.95%
• Approach to resilience: 2 BT datacentres in each region with active/active failover, plus the resilience inherent in AWS cloud platform utilised for SIEM hosting.
• Outage reporting: Monthly reports are generated and sent to any customers.; Emails ; Phone calls

Identity and authentication

• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Engineering access is controlled by standard BT practices including two-factor authentication against BT Corporate Identity Platform. SOC access is controlled by same process as user access.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyds Register
• ISO/IEC 27001 accreditation date: 07/03/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO 9001, ISO 27017, ISO 27018, Cyber Essentials Plus

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Configuration and change management are built into everything we do in BT. High and low level processes and procedures are produced, followed and audited.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Vulnerability management is built into everything we do in BT. High and low level processes and procedures are produced, followed and audited.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Proactive monitoring is built into everything we do in BT. High and low level processes and procedures are produced, followed and audited.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident management is built into everything we do in BT. High and low level processes and procedures are produced, followed and audited.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: Through tagging of data and Role Based Access Controls, plus separation employed by AWS within their services.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: N/A

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  BT Group has been a leader on climate action for over 30 years. We have been tracking our carbon reductions since 1992 and become one of the first companies in the world to set a science-based target in 2008. Our networks and buildings are all powered by renewable electricity, and we are aiming to transition the majority of our fleet to electric or zero-emission vehicles by 2030 (now over 2,400 in total). To date, our electric fleet has travelled more than 7.9 million miles, saving over 2,200 tonnes of CO2e, which helps us transition to a net zero economy much faster. ; ; We are investing in full fibre broadband and 5G networks that will pave the way for lower-carbon ways of life and work. We believe to reach Net Zero renewable energy, low-emission vehicles and technology hardware are important, which the Crown Commercial Services also believe. Due to our solutions for Carbon reduction aligning, BT can consider setting up a workshop with CCS to share ideas and objectives on how to achieve net zero.; ; We have pledged to become a net zero business by the end of March 2031, and we are targeting net zero for our supply chain and customer emissions by the end of March 2041.We have also set a target to help customers avoid 60 million tonnes of CO2e by the end of March 2030. We aim to contribute to a circular economy by reducing waste and enhancing opportunities to repair, refurbish and recycle. This year, our customers returned more than 1.8 million home hubs and set-top boxes to us and through our refurbishment operation, we reused 83% and recycled the rest. We also collected over 190,000 mobile devices through trade-in schemes, all of which were reused (97%) or recycled.

  Covid-19 recovery

  At BT we understand the important of showing support to others, especially those in vulnerable situations. To show our support, BT has launched the award-winning Care Companions initiative during Covid – matching BT volunteers with residents in care homes, providing a befriending service with weekly calls brightening someone’s day. From those humble beginnings there are now around 400 BT volunteers from 29 contact centres across the UK making weekly calls to around 15,000 care home residents. As well as befriending residents, tackling loneliness and isolation, BT volunteers have also continued to support the care homes with fundraising and gardening.; ; We also work closely with Home-Start. A local community network of trained volunteers and expert support, helping families with young children through challenging times. Our partnership helps people improve their digital skills, whilst opening fantastic fundraising and volunteering opportunities for our colleagues. ; ; Our partnership aims to support Home-Start families with: ; · Digital Confidence ; · Data Connectivity ; · Access to devices ; ; Staff will use their volunteering hours to help support families with digital support. We will be teaching families basic digital skills such as using a laptop, tablet, or mobile phones. Also, we would use these hours to help families apply for schools, colleges, and jobs to put them in a position for a better future. ; ; We also offer flexible working. Since Covid, many people have been through demanding situations, and some are now going through cost-of-living issues. Giving our employees the chance to work from home twice a week, allows them to save on expenditures travelling to and from the office including spending while within the office. We also understand how Covid affected many people through losing loved ones. We hope flexibility allows employees to be around their loved ones more often and support each other after going through tough times.

  Tackling economic inequality

  At BT we are aware, in the UK there are skill shortages for many people who face multiple barriers into employment for several reasons out of their control. This is why we have supported more than 51,000 people with employability guidance and work life digital skills since 2014. Our aim is to boost social mobility and economic productivity by helping young people succeed in an increasingly digital world of work.; ; We are committed to being responsible, sustainable, and inclusive. It is fundamental to our purpose that we ‘connect for good’. BT is one of the largest employers of apprentices in the UK. In 2022, we ranked third place in the top 100 Apprenticeship employers in the UK and recruited more than 2,600 apprentices and graduates over the past four years. An addition to this, we hired 400 apprentices and graduates in 2023 in different cities across the UK such as London, Birmingham, Manchester, Bristol and more. ; As well as employment schemes, BT have delivered over 185 workshops reaching over 4900 pupils aged between 11 and 19. Our employees share their work skills and experiences with this next generation of employees and drive aspirations to work in engineering, innovation, and technology industries.; Our 5-hour workshops: ; • Give young people the opportunity to explore their individuality, skills and interests through group activities and challenges, supporting their careers education at school.; • Align with the Gatsby Benchmarks to support schools to deliver great careers education across the UK and Northern Ireland and work towards their quality education standards e.g. OFSTED Inspections.; • Feature STEM (science, technology, engineering, maths) activities that link curriculum-based learning to the skills employers are looking for in areas such as Software Design and Engineering, Fibre Network Build and Cybersecurity Planning and Solutions.

  Equal opportunity

  Everyone, regardless of background, experience, or their place in society, should be afforded opportunities to help them learn and grow. This is the foundation upon which a modern, progressive, and inclusive society functions. In achieving this, we all benefit. We benefit from talent, no matter from where it comes; being able to grow, mature and prosper. This is BT’s philosophy.; ; We have set out some 2030 ambitions relating to gender, ethnicity, and disability. By 2030, our workforce will be: ; • 50% Gender (we want 50% of BT Group colleagues (excl. Openreach) to be women); • 25% Ethnicity (we want 25% of BT Group colleagues (UK workforce, excl. Openreach) to be Black, Asian or from an ethnic minority background); • 17% Disability (we want 17% of BT Group colleagues (UK workforce excl. Openreach); ; We have partnerships with different agencies which we work with to support equal opportunities. One of which is Purple Goat, which is one of the UK’s only communications agencies run by disabled people. We partnered with them to deliver a series of videos highlighting the experiences of colleagues with a range of disabilities – including diabetes, autism, and visual and hearing impairments. ; We have also built relationships with Code First Girls, Women Returners, Black Girls Tech Summit, and Girls Talk London. These initiatives help delegates develop their skills and network with peers, creating more opportunities for women to move into technology careers. ; And as lead sponsor of the Avado FastFutures programme, we are helping upskill over 7,000 18–24-year-old learners from ethnically diverse backgrounds. We want to help them develop digital and data skills to unlock opportunities and launch their careers.

  Wellbeing

  At BT, we always put wellbeing and safety first. For us, there are no shortcuts in keeping everyone safe. We work on creating fulfilled, safe, happy, and healthy employees in a culture where everyone can thrive. BT’s supporting wellbeing in the workplace includes: ; ; SilverCloud, which provides programmes designed to help improve and maintain wellbeing by addressing core underlying issues that can have a negative impact on how employees live their lives. We will ensure that all our staff within the contract are aware of this support option if needed. These include modules on stress, money worries, perinatal wellbeing, anxiety and more. Users would usually be recommended to complete one module of their choice within a week period. ; ; We will measure the mental health in respect of the contract using a ‘YourSay’ survey, published annually, of: ; · No. of individuals are aware of the support services. ; · No. of individuals have participated in mental health awareness events. ; · No. of managers who completed the mandatory training. ; · Additionally, managers that are qualified mental health first aiders. ; ; BT also provide their Employee Assistance Programmes (EAP). The EAP provide a range of services, notably employee counselling, but also legal advice, practical financial information, and advice on dealing with debts. BT's EAP includes a comprehensive range of personal and group services to help our people deal with worrying or tricky situations. It is entirely free of charge for users. ; The EAP is delivered by Optum - our Occupational Health & Wellbeing Centre of Expertise ensures the services are delivered to the highest standards to meet our people's needs. You can contact the EAP, in confidence, 24 hours a day, 7 days a week, 365 days a year so that help is available whenever it is needed. Assistance can be provided face-to-face or via telephone.

Pricing

• Price: £6,275.00 an instance
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ccsframeworks@bt.com. Tell them what format you need. It will help if you say what assistive technology you use.