In item #2,3 Compliance you write: "Does your employees/specialists adhere to the OT security specialists guidance reference from the Danish Energy Ministry (attached)"

In 3.1 you write: "The service must be operated fully out of the European Union"

Could this be expanded to the EEA (the 27 EU member states plus three non-EU countries: Iceland, Liechtenstein, and Norway)?

1. There are several questions about our capability to integrate with EVIDA’s system such as OT SIEM. Is there a chance you can share more details about your environment? In addition, to answer many of your questions about Detection and Response, we’ll need to know which security systems you already have.

2. In 6.2 you write that the service must be delivered by personnel with security clearance. Can you please let us know what will be accaptable for Israelian citizens that will be part of the solution offered by BDO?

Hi!
We would like some additional clarification regarding the level of detail in the first RFI - round of this tender. 
 
Do you want us to make a complete offer and answer all the requirements in the RFP excel-sheet in this RFI-round?

Or would you like us to present our servies more broadly based on your requirements, while the document is included to prepare us for a next round if we qualify?

What vulnerability scanning tool is currently in place and are your management requirements configuration only or full scanner infrastructure management?

• If monitoring is already in place, what is the current log volume per day for OT and IT and is transition from an incumbent provider required as part of this exercise?
• In the RFI, it is requested to integrate with the current OT SIEM, could you tell us what is the current OT SIEM solution?
• What level of logging will be shared with the MSS provider (firewall, IDS, EDR/EPP, authentication logs)?

To answer questions 8.4 and 8.5 in the RFI, could you please share EVIDA’s NDA and NPA documents? We haven't been able to find those attached to this RFI. 

Can we utilise specialist resources from other regions thank Europe, if we ensure Data is kept within EU ?

Can you say anything about when you expect / want the outlined new solution to be Ready for Service?

You write: "Please provide a net price example for 900 PLC'er, 4000 IP'er og 100 servers for: 3 year contract term (in DKK)"

Can you elaborate or describe in more details what you mean by "IP'er" here? 

You write: "The service must be offered based on the EVIDA’s Trellix for Endpoint clients"

Please 

1. elaborate what you mean by "based on" 

and 

2. could you state the number of clients?

How do we get access to this guidance from the Danish Energy Ministry ?

Don't see anywhere in the Comdia portal to submit the filled sheet RFP answer, how should this be done?

The RFP sheet refers EVIDA NDA and DPA standard templates.

Could You please share those for review and possible comments? 

Hi Evida

We have following questions to the RFI:

OT 3.5 Which network devices do you have in mind?

OT 5.1 Which SIEM do you have in mind?

OT 5.13 Which Log System do you have in mind?

IT 5.13 Which Log System do you have in mind?

Additionally:

• If monitoring is already in place, what is the current log volume per day for OT and IT and is transition from an incumbent provider required as part of this exercise?

• In the RFI, it is requested to integrate with the current OT SIEM, could you tell us what is the current OT SIEM solution?

• What level of logging will be shared with the MSS provider (firewall, IDS, EDR/EPP, authentication logs)?

• There are several questions about our capability to integrate with EVIDA’s system such as OT SIEM. Is there a chance you can share more details about your environment? In addition, to answer many of your questions about Detection and Response, we’ll need to know which security systems you already have.

How many Sites do you have where OT assets exist ?

How many OT switches do you want to take a copy of their traffic in each site and in total

What are your protection priorities (availability, integrity or confidentiality) for the OT assets?