Cabinet Office Email Security & Classifications Policies
Ryan Jarvis made this Freedom of Information request to Cabinet Office
Dear Cabinet Office,
I am writing to respectfully make a formal request in accordance with the Freedom of Information Act 2000.
The privacy of emails sent via the @cabinetoffice.gov.uk and @number10.gov.uk domains is at risk. These domains do not appear to have MTA-STS configured. This means that email privacy (using TLS) is vulnerable to downgrade, allowing an attacker to read the contents of emails.
My request is as follows:-
1. Please can the department confirm why it has opted not to use MTA-STS as a potential CySec safeguard when communicating via email on the @cabinetoffice.gov.uk and @number10.gov.uk domain names?
2. Please can the department provide disclosure of its email security classifications policy.
3. Please can the department provide disclosure of the number of security incident reports made internally and/or externally which relate to concerns surrounding email security.
If I am able to provide any further information in support of this request, please do not hesitate to contact me.
Yours faithfully,
Ryan Jarvis
Our ref: FOI2022/17360
Dear Ryan Jarvis,
Thank you for your request for information which was received on 4th
December. Your request is being handled under the terms of the Freedom of
Information Act 2000 ('the Act').
The Act requires that a response must be given promptly, and in any event
within 20 working days. We will therefore aim to reply at the latest by
5th January.
Please remember to quote the reference number above in any future
communications.
Yours sincerely,
Freedom of Information Team
Cabinet Office
Dear Cabinet Office,
Thank you for your response dated the 5th December 2022.
I wish to clarify point 3 of my request which should have read:-
3. Please can the department provide disclosure of the number of security incident reports made internally and/or externally which relate to concerns surrounding email security between the period May 2018 - May 2022.
I hope this is of some assistance when considering my request.
Yours faithfully,
Ryan Jarvis
Dear Ryan Jarvis
The date that the response is due for your request, FOI2022/17360, has
been changed to 2nd February. Please see the attached letter.
Kind Regards
FOI Team
Cabinet Office
Dear Ryan Jarvis,
Please find attached our response to your recent Freedom of Information
request (reference FOI2022/17360).
Yours sincerely,
Freedom of Information Team
Cabinet Office
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.
Donate Now