HMRC Security Capability Optimisation early market engagement webinar
3pm – 4.30pm7 April 2025
Online
techUK is delighted to be hosting HM Revenue and Customs (HMRC) on Monday 7 April (15:00-16:30) for an early market engagement webinar on its Security Capability Optimisation opportunity.
Important Notice
This webinar and the information shared on this listing are Commercial in Confidence due to the nature of the ask. Attendees are expected to treat all materials and discussions as confidential and not share them more widely.
About the Opportunity
HMRC is excited to invite suppliers to participate in an exploratory session to assess the feasibility of optimising our security operations. This study aims to determine the potential for developing a dynamic, modern security capability that can adapt effectively to an ever-changing threat landscape.
HMRC is looking to engage collaboratively with forward-thinking suppliers to explore how they could:
Streamline and modernise security processes to ensure operational excellence.
Leverage cutting-edge technology and specialised expertise to stay ahead of emerging threats.
Upskill HMRC’s security workforce and build a sustainable foundation for the future.
This is an opportunity for suppliers to contribute to shaping and enhancing HMRC’s approach to security delivery. Participation will enable suppliers to influence future strategies aimed at protecting the UK’s people, assets, and customer data, contributing to national security objectives.
Themes
To build on its existing security capabilities, HMRC has grouped 18 in-scope services into five themes, which align with its Security Operating Model. These themes are designed to enhance efficiency, leverage supplier expertise, and support HMRC’s ongoing commitment to maintaining a strong and resilient security posture.
The themes were developed based on internal, industry, and cross-government assessments, using a set of guiding principles. While the structure is carefully designed, HMRC welcomes supplier feedback and suggestions to refine and optimise the approach.
While the department will provide further details on its requirements and expectations for each service during the webinar, it is deliberately keeping some aspects open to encourage suppliers to offer innovative ideas and share their perspectives on the best ways to deliver these services.
Theme 1: SOC and supporting services
Cyber Incident Management
Cyber Threat Intelligence
Cyber Engineering
Cyber Customer Protection
Theme 2: Personnel security
Insider Risk Mitigation
Skills and Learning
Security Culture & Awareness
Internal Communications
Theme 3: Security strategy and governance
Security Front Door
Security Governance
Strategy & Investment
Theme 4: Business continuity and disaster recovery (BC/DR)
Incident Management
Strategic Planning & Continuity
Training & Exercising
Theme 5: Risk, compliance and supplier security
Compliance, Operations and Reporting
Policy, Risk and Controls
Supplier Security
Service management
Should this initiative proceed, services would be managed internally by HMRC through an Intelligent Client Function (ICF).
The ICF would:
Act as the central point of contact between suppliers and HMRC.
Provide oversight of supplier performance and ensure alignment with HMRC’s strategic objectives.
Manage the coordination of activities across themes, maintaining continuity and integration.
Retain responsibility for high-value strategic decisions and the development of long-term security capabilities.
This approach would support a collaborative partnership, enabling suppliers to focus on providing specialist expertise under an effective client management structure.
Event objectives and format
HMRC is committed to making this webinar interactive and valuable. During the session:
Suppliers will provide real-time feedback via Menti, contributing to discussions on service bundling and delivery models.
Opportunities will be provided to ask questions about each theme.
For more commercially sensitive queries, suppliers can follow up with the HMRC team after the event.
Key areas of focus:
Exploring how suppliers can contribute to the delivery of the listed services, including areas where they bring specific expertise or innovative approaches.
Understanding supplier preferences regarding the bundling of services, including whether the grouping aligns with their delivery models, enhances efficiency, or could be adjusted to better leverage supplier expertise.
Understanding supplier fee structures, including but not limited to maintenance fees, charging mechanisms, out-of-hours fees, and other pricing models.
This webinar provides suppliers with an opportunity to inform HMRC's approach and ensure any subsequent procurement process aligns effectively with supplier capabilities and preferences.
Who should attend
Suppliers with expertise in any of the security areas listed above are encouraged to participate.
HMRC is open to a range of delivery models, including:
Consortium bids, where multiple organisations collaborate to deliver across themes.
Single supplier bids covering all five themes for organisations with comprehensive capability.
Single supplier bids for individual themes to leverage specialist expertise.
There is no requirement or expectation that any one supplier addresses all five themes.
Register now to participate in this webinar.
Jill Broom
Head of Cyber Resilience, techUK
Jill Broom
Head of Cyber Resilience, techUK
Jill leads the techUK Cyber Security programme, having originally joined techUK in October 2020 as a Programme Manager for the Cyber and Central Government programmes. She is responsible for managing techUK's work across the cyber security ecosystem, bringing industry together with key stakeholders across the public and private sectors. Jill also provides the industry secretariat for the Cyber Growth Partnership, the industry and government conduit for supporting the growth of the sector. A key focus of her work is to strengthen the public–private partnership across cyber to support further development of UK cyber security and resilience policy.
Before joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.
Annie is the Programme Manager for Cyber Resilience at techUK. She first joined as the Programme Manager for Cyber Security and Central Government in September 2023.
In her role, Annie supports the Cyber Security SME Forum, engaging regularly with key government and industry stakeholders to advance the growth and development of SMEs in the cyber sector. Annie also coordinates events, engages with policy makers and represents techUK at a number of cyber security events.
Before joining techUK, Annie was an Account Manager at a specialist healthcare agency, where she provided public affairs support to a wide range of medical technology clients. She also gained experience as an intern in both an MP’s constituency office and with the Association of Independent Professionals and the Self-Employed. Annie holds a degree in International Relations from Nottingham Trent University.
Programme Marketing Assistant for Public Sector Markets, techUK
Tracy Modha
Programme Marketing Assistant for Public Sector Markets, techUK
Tracy supports the marketing of several areas at techUK, including Cyber Exchange, Central Government, Cyber Resilience, Defence, Education, Health and Social Care, Justice and Emergency Services, Local Public Services, Nations and Regions and National Security.
Tracy joined techUK in March 2022, having worked in the education sector for 19 years, covering administration, research project support, IT support and event/training support. My most outstanding achievement has been running three very successful international conferences and over 300 training courses booked all over the globe!
Tracy has a great interest in tech. Gaming and computing have been a big part of her life, and now electric cars are an exciting look at the future. She has warmed to Alexa, even though it can sometimes be sassy!
techUK brings together key players across the cyber security sector to promote leading-edge UK capabilities, build networks and grow the sector. techUK members have the opportunity to network, share ideas and collaborate, enabling the industry as a whole to address common challenges and opportunities together. Visit the programme page here.
techUK member briefing with DSIT on the Cyber Security and Resilience Bill 3
On Wednesday 23 April (14:00 – 15:30) we are delighted to be hosting the team from the Department for Science, Innovation and Technology that is leading on the Cyber Security and Resilience (CSR) Bill for a hybrid discussion on the upcoming legislation and the proposed legislative measures for cyber security and resilience.
Cyber Security and Resilience Bill - Policy Statement of Intent
Today (1 April), the Department for Science, Innovation and Technology (DSIT) published the Policy Statement of Intent for the Cyber Security and Resilience Bill.
Government publishes Cyber Governance Code of Practice
Following the 2024 Call for Views on the Cyber Governance Code of Practice, the Department for Science, Innovation and Technology (DSIT) has published practical guidance to help boards and directors govern their organisations’ cyber security risks more effectively.
Do you have a trailblazer in your team?
Do you work with an innovator or a problem solver?
Do you have an inspirational colleague who deserves the spotlight for their work? The President’s Awards are back for 2025 and open for nominations. All techUK members are encouraged to nominate one colleague.
Our members develop strong networks, build meaningful partnerships and grow their businesses as we all work together to create a thriving environment where industry, government and stakeholders come together to realise the positive outcomes tech can deliver.
Jill leads the techUK Cyber Security programme, having originally joined techUK in October 2020 as a Programme Manager for the Cyber and Central Government programmes. She is responsible for managing techUK's work across the cyber security ecosystem, bringing industry together with key stakeholders across the public and private sectors. Jill also provides the industry secretariat for the Cyber Growth Partnership, the industry and government conduit for supporting the growth of the sector. A key focus of her work is to strengthen the public–private partnership across cyber to support further development of UK cyber security and resilience policy.
Before joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.
Annie is the Programme Manager for Cyber Resilience at techUK. She first joined as the Programme Manager for Cyber Security and Central Government in September 2023.
In her role, Annie supports the Cyber Security SME Forum, engaging regularly with key government and industry stakeholders to advance the growth and development of SMEs in the cyber sector. Annie also coordinates events, engages with policy makers and represents techUK at a number of cyber security events.
Before joining techUK, Annie was an Account Manager at a specialist healthcare agency, where she provided public affairs support to a wide range of medical technology clients. She also gained experience as an intern in both an MP’s constituency office and with the Association of Independent Professionals and the Self-Employed. Annie holds a degree in International Relations from Nottingham Trent University.
Programme Marketing Assistant for Public Sector Markets, techUK
Tracy supports the marketing of several areas at techUK, including Cyber Exchange, Central Government, Cyber Resilience, Defence, Education, Health and Social Care, Justice and Emergency Services, Local Public Services, Nations and Regions and National Security.
Tracy joined techUK in March 2022, having worked in the education sector for 19 years, covering administration, research project support, IT support and event/training support. My most outstanding achievement has been running three very successful international conferences and over 300 training courses booked all over the globe!
Tracy has a great interest in tech. Gaming and computing have been a big part of her life, and now electric cars are an exciting look at the future. She has warmed to Alexa, even though it can sometimes be sassy!
