RFP 2026-003 Threat Intelligence Platform

Background The Bank’s mission critical services handle billions of dollars worth of transactions daily. Technology services are supported by multiple Bank data centres and Azure cloud services. The Bank Cyber Threat Intelligence team (CTI team) was created in 2020 to provide timely cyber security threat information in support of clients looking to uphold their responsibilities in defending the Bank. The CTI team consists of two full-time staff and is part of the Cyber Monitoring and Response (Cyber M&R) Portfolio within the Bank Cyber Security Division (Cyber). The CTI team currently use a variety of open-source tools, intelligence shared from partner organizations and information found on the internet. They produce value-added intelligence, then share it internally and with partner organizations. They manually produce reports and briefings for Bank leaders and technical analysis for more technical audiences such as detection engineering and cyber security monitoring teams. The Bank now wants to further mature the Bank’s Cyber Threat Intelligence function (CTI function), increase automation and advance the integration of threat intelligence, detection engineering and cyber security monitoring. The Bank’s 2025–2027 strategic plan committed the Bank to “Sustaining our resilience,” with a focus on keeping the Bank secure, modern, and efficient. This cyber threat intelligence platform procurement initiative directly supports that theme by enabling the CTI function to deliver high-quality, curated, and actionable threat intelligence at scale. It will enhance the Bank’s ability to proactively detect, assess, and respond to cyber threats, contributing to the Bank’s overall resilience posture. This initiative is aligned with the following Cyber Strategy objectives: Enhance threat intelligence capabilities to support proactive detection and prioritization of cyber threats. Automate and streamline CTI workflows to improve operational efficiency and reduce manual overhead. A third-party maturity assessment of the CTI team identified the lack of a centralized threat intelligence platform as a key gap limiting maturity, scalability, and impact. Specifically, the assessment rated the CTI team’s collection capabilities as initial and processing as managed due to significant manual intelligence collection, management, and lack of automated indicators of compromise (IOC)/tactics, techniques, and procedures (TTP) ingestion, and enrichment. Objective The Bank is seeking a service provider who will be engaged annually for the provision of Cyber Threat Intelligence managed services and platform.  Bidding and Documents are available on http://www.merx.com. Fees may apply; See https://www.merx.com/public/pricing for more information.