Public Services > Central Government

G-Cloud 10 set to encompass cyber security services framework

David Bicknell Published 11 April 2018

Planned procurement dates for G-Cloud 10 expected to be largely unchanged with applications due to open later this month; CCS expected to engage with buyers over GDPR implications


It is understood the Crown Commercial Service has confirmed moves to roll the Cyber Security Services 2 framework into G-Cloud 10.

The move has been on the cards for some time, cloud specialists say. The details formally emerged at a briefing for suppliers held at techUK yesterday.

However, it is understood that no other major changes are planned ahead of the opening of the new framework for applications later this month. The original scheduled date for applications was expected to be on April 18, with applications closing five weeks later on May 23. CCS, however, has yet to publicly confirm the cyber security services framework move and G-Cloud 10’s final timetable.

Chris Farthing, managing director at G-Cloud consultancy Advice Cloud , said his advice to prospective G-Cloud 10 applicants would be to consider the government’s current challenges, particularly Brexit, when formulating their G-Cloud 10 services for when the framework opens for applications. 

“Anything related to Brexit will do well, I think,” he said. Farthing said he expected that G-Cloud 10 would be a rerun of something very similar to G-Cloud 9. 

One other area Farthing pointed out was the need for buyers to be aware of impending General Data Protection Regulation (GDPR) coming into force on May 25. Farthing said he expected that CCS would be getting in touch with buyers with specific GDPR advice. “On GDPR, there is a need to get buyers to understand what they need to do,” he said.

Supplier organisations have already been encouraged to identify existing contracts involving processing personal data which will be in place after May 25, and to write to all buyers notifying them of changes intended to be made to relevant G-Cloud 9 contracts to bring them into line with new data protection regulations. 

The challenge that suppliers face is that buyers still do not understand the implications of GDPR on cloud services especially around who controls the data (at the infrastructure as a service level).

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.