Dear Torfaen Council,

Under the freedom of information act 2000. I write to obtain the following details:

1) Name and role for IT Manager(s) / Officer(s) primarily responsible for cyber security

2) Names of all cyber security providers you work with and buy from

3) Names of all cyber security vendor(s) you use

3b) Renewal date for the above vendor(s)

3c) Cost and duration for the above contract(s)/license(s)

3d) For what purpose do you use the vendor
(E.g. Firewalls E.g.2 Anti-virus E.g.3 Vulnerability scanning E.g.4 PCI)

4) Number of websites the council is responsible for securing

Many thanks,
Tom Collins

Call Torfaen, Torfaen Council

Thank you for taking the time to email Torfaen County Borough Council.

 

Please be aware that your enquiry is being addressed and a reply will be
sent within 10 working days.

 

Did you know that you can report issues and request information via our
website at [1]www.torfaen.gov.uk or make reports and requests by
downloading our Mobile App.

 

By registering your email address, you will be able to track progress of
your enquiry from start to finish.

 

The Mobile App is available on Apple, Android and Windows devices and can
be found by typing Torfaen into the search function in the relevant App
Store.

 

'

The
Council welcomes correspondence in Welsh and English. Correspondence
received in Welsh will be answered in Welsh and will not lead to any
delay.
**********************************************************************
Mae’r Cyngor yn croesawu gohebiaeth yn Gymraeg a Saesneg. Cewch ateb
Cymraeg i bob gohebiaeth yn Gymraeg ac ni fydd yn arwain i unrhyw oedi.'

References

Visible links
1. http://www.torfaen.gov.uk/

FOI, Torfaen Council

Dear Mr Collins,

17/670: FREEDOM OF INFORMATION REQUEST

Thank you for your email dated 07/09/2017 requesting information under the Freedom of Information Act 2000. I have logged your email and will deal with your request in order that we can respond to you within the statutory deadline of 20 working days.

I will contact you further as soon as the relevant information is available.

Yours sincerely

Chris Corten
SENIOR BUSINESS SUPPORT OFFICER COMPLAINTS/FOI / UWCH SWYDDOG CYMORTH BUSNES CWYNION/RHYDDID GWYBODAETH
Chief Executive’s Service / Gwasanaeth Y Prif Weithredwr
Torfaen County Borough Council / Cyngor Bwrdeistref Sirol Torfaen
Phone/Ffôn: 01495 742170
Fax/Ffacs: 01495 766331
Email/Ebost: [email address]
This email is available in large print, Braille or Welsh upon request

FOI, Torfaen Council

Dear Mr Collins,

 

17/670: FREEDOM OF INFORMATION REQUEST

 

Thank you for your email dated 07/09/2017 requesting information under the
Freedom of Information Act 2000. I am now in a position to respond to your
questions as follows:

 

1)Name and role for IT Manager(s) / Officer(s) primarily responsible for
cyber security

Paul Higgs – Assistant Director, Infrastructure

2)Names of all cyber security providers you work with and buy from

Microsoft / Bytes / Insight

3) Names of all cyber security vendor(s) you use

 

This information is exempt from disclosure under Section 31(1)(a) of
the Freedom of Information Act

 

3b) Renewal date for the above vendor(s)

 

This information is exempt from disclosure under Section 31(1)(a) of
the Freedom of Information Act

 

3c) Cost and duration for the above contract(s)/license(s)

 

This information is exempt from disclosure under Section 31(1)(a) of
the Freedom of Information Act

 

3d) For what purpose do you use the vendor (E.g. Firewalls E.g.2
Anti-virus E.g.3 Vulnerability scanning E.g.4 PCI)

 

This information is exempt from disclosure under Section 31(1)(a) of
the Freedom of Information Act

 

4) Number of websites the council is responsible for securing 10

 

 

 

For questions 3, 3b, 3c and 3d I can confirm that Torfaen County Borough
Council does hold information in relation to the questions not answered in
your request, however we are withholding this under the following
exemption;

 

S31(1)(a) Law Enforcement – Section 31(1) (a) states that information is
exempt if its disclosure under the Act would or would be likely to
prejudice the prevention or detection of crime. There is a concern that
disclosure of the information could potentially lead to cyber criminal
activity.

 

This exemption is subject to the public interest test. This means that the
information can be withheld if the public interest in maintaining the
exemption outweighs the public interest in disclosure. The factors in
favour of disclosure are public awareness and openness. The factors
against are due to the potential that someone could gain a map of the
entry points into our systems so that would give them the opportunity to
establish a picture of our security. The authority uses a number of
systems that deal with financial matters inclusive of payments.
Furthermore, our Social Care and benefits systems contain personal
information of vulnerable members of the community and it is our duty to
ensure that such information is retained in as secure a manner as
possible. In addition to this, as we are reliant on the security of our
systems to function on a daily basis, any breach poses the threat of an
inability to function thus impacting on the business and our residents.

 

The guidance on the information commissioner’s Office website states;

“There is a clear public interest in protecting society from the impact of
crime. The greater the potential for a disclosure to result in crime, the
greater the public interest in maintaining the exemption. The victims of
crime can be both organisations and individuals. Although there is a
public interest in protecting both, there is a greater public interest in
protecting individuals from the impact of crime.

 

The impact of crime is not confined to its immediate victims. A request
for the cyber security services provided the opportunity to consider the
wider repercussions of crime in more detail.

 

 

 

Information supplied in response to any Freedom of Information Act request
may be subject to copyright. A single copy of information supplied under
the Freedom of Information Act may only be used for personal,
non-commercial research or study, unless stated otherwise. It must not be
passed to others, copied or re-published in whole or in part without
permission from the copyright holder. Any copyright statement that forms
part of or in any way refers to the information provided must not be
altered or removed.

 

If you have any queries about this letter or are unhappy about the service
you have received in relation to your request and wish to make a complaint
or request a review, please do not hesitate to contact me in writing.

 

If you are not content with the outcome of your complaint, you may apply
directly to the Information Commissioner for a decision. Generally, the
Information Commissioner’s Office (Wales) cannot make a decision unless
you have exhausted the complaints procedure provided by this Council. The
Information Commissioner can be contacted at: The Information
Commissioner’s Office (Wales), 2^nd Floor, Churchill House, Churchill Way,
Cardiff, CF10 2HH. Telephone 029 2067 8400 or Fax 029 2067 8399 or e-mail
[1][email address].

 

Yours sincerely

 

 

Chris Corten

SENIOR BUSINESS SUPPORT OFFICER COMPLAINTS/FOI / UWCH SWYDDOG CYMORTH
BUSNES CWYNION/RHYDDID GWYBODAETH

Chief Executive’s Service / Gwasanaeth Y Prif Weithredwr

Torfaen County Borough Council / Cyngor Bwrdeistref Sirol Torfaen

Phone/Ffôn: 01495 742170

Fax/Ffacs: 01495 766331

Email/Ebost: [2][email address]

This email is available in large print, Braille or Welsh upon request

 

 

Looking for an EU Authority?

You can request documents directly from EU Institutions at our sister site AskTheEU.org . Find out more .

AskTheEU.org