Call for Bids: Cyber Capacity Building Research Project on Public-Private Partnership best practices for combatting ransomware in support of the Counter Ransomware Initiative

The Global Forum on Cyber Expertise (GFCE) invites bids for the following research project: “Research & creation of a public-private partnership capacity building tool for combatting ransomware”, by 8 February 2023. Please read the project description below or download it here.

Project Description

The U.S. Cybersecurity & Infrastructure Security Agency (CISA), the U.S. Department of State, and the Ministries of Foreign Affairs and of Interior of Spain propose the development of a capacity-building tool to help countries understand best practice in the creation and use of public-private partnerships (PPPs) to combat ransomware. This activity will also support the work of the Counter Ransomware Initiative (CRI), and one of the five Working Groups established under the initiative, namely the Public-Private Partnership Group, chaired by Spain. The Working Group contributes to the overall goals of building collective resilience to ransomware, cooperating to disrupt ransomware and pursue the responsible actors, countering illicit finance that underpins the ransomware ecosystem, as well as working with the private sector to defend against ransomware attacks, as re-affirmed at the second CRI Summit, held in Washington D.C. on 31 October – 1 November.

 This tool will feature a collection of case studies of successful PPPs that have been used in the counter-ransomware fight, including examples such as the United States Joint Cyber Defense Collaborative (JCDC). It will examine the features that made such PPPs successful and offer practical guidance to countries seeking to develop and implement their own partnerships around the globe. The goal will be to ensure that the tool is practically useful and relevant to countries across the world looking to establish their own successful PPPs to protect against ransomware attacks. This tool will be commissioned by suitably qualified experts selected and supported through the GFCE, an international leader in cyber capacity building.

Main responsibilities and expected deliverables

The consultant/researcher will be responsible for implementing the research project and will be selected on the strength of the specific activities that will be outlined in the research project proposal. The selected consultant/researcher is also responsible for connecting with the GFCE throughout the duration of the project, and will be expected to accept feedback from the stakeholders.

Please note that this bid is not for turning the research report into a web-based tool, but for the necessary research work needed to create the background materials for the production of the tool. Some expected deliverables could include, but are not limited to:

  1. Initial identification and mapping of best practices in the public and private sector for combatting ransomware;
  2. Methodology document explaining the approach, expected interviewees (if needed), datasets that will be used, etc.;
  3. Draft report;
  4. Draft summary document for circulation and promotion;
  5. Final report;
  6. In consultation with the web-designer, creating a web-based, user-friendly version of the report.

 

How to Apply

If you would like to submit a bid for the research project, please send an email to the GFCE Secretariat at contact@thegfce.org with the following documents by 8 February 2023:

1) CV or company profile

2) Technical proposal including the following:

  • Brief description of how the consultant/firm will implement the research idea;
  • Clear timeline of work, including key milestones, planned points of contact with the GFCE, and an anticipated 1-2 weeks of feedback near the end of the project;
  • Payment schedule.


3) Short motivation letter and list of at least 3 examples of previous work (i.e., reports, publications, projects’ description, etc.)

4) Completed Disclosure of Interest form (Download)


Additional details

  • Location: Remote
  • Type of contract: Short-term research consultancy
  • Starting date:  March 2023
  • Duration of the contract: Up to 6 months