Cyber Security

The request was refused by Birmingham City University.

Dear Birmingham City University,

Under the freedom of information act 2000. I write to obtain the following details:

1) Name and role for IT Manager(s) / Officer(s) primarily responsible for cyber security

2) Names of all cyber security providers you work with and buy from

3) Names of all cyber security vendor(s) you use

3b) Renewal date for the above vendor(s)

3c) Cost and duration for the above contract(s)/license(s)

3d) For what purpose do you use the vendor
(E.g. Firewalls E.g.2 Anti-virus E.g.3 Vulnerability scanning E.g.4 PCI)

4) Number of websites & IPs you provide for cyber security testing

Yours faithfully,

Michael Smith

Freedom of Information Act, Birmingham City University

RE: INFORMATION REQUEST DATED 6 SEPTEMBER 2017

REF: FOI174

 

Thank you for your request for information about Cyber Security. Your
request was received on 6 September and we are dealing with it under the
terms of the Freedom of Information Act 2000.

 

We will respond to the information request within 20 working days (i.e on
or before 4 October 2017). If we are unable to respond to the request or
if the University does not hold the information or if there is a reason
for it to be withheld we will write to you with the reasons why.

 

If you have any queries or concerns about the process, please do not
hesitate to contact us. Otherwise we will write to you on or before 4
October 2017.

 

 

Information Management Team

Birmingham City University

15 Bartholomew Row

Birmingham

B5 5JU

 

T: 0121 300 5288

E: [1][Birmingham City University request email]

 

References

Visible links
1. mailto:[Birmingham City University request email]

Jacob Rickett, Birmingham City University

Dear Mr Smith

 

RE: INFORMATION REQUEST DATED 6 SEPTEMBER 2017

REF: FOI17174

 

Further to your request for information please see our response below.

 

YOUR REQUEST:

1) Name and role for IT Manager(s) / Officer(s) primarily responsible for
cyber security

2) Names of all cyber security providers you work with and buy from

3) Names of all cyber security vendor(s) you use

3b) Renewal date for the above vendor(s)

3c) Cost and duration for the above contract(s)/license(s)

3d) For what purpose do you use the vendor (E.g. Firewalls E.g.2
Anti-virus E.g.3 Vulnerability scanning E.g.4 PCI)

4) Number of websites & IPs you provide for cyber security testing

 

RESPONSE TO REQUEST 1:

 

Contact details which we are able to disclose are published on our
website.For any names not available on our public website at
[1]www.bcu.ac.uk, although we do hold this information we are unable to
provide the full name and contact details of individuals as this is exempt
information under the Freedom of Information Act 2000. This information is
exempt under section 40 of the Freedom of Information Act 2000 because it
is Personal Information.

If you wish to contact the University contact details are available on our
public website at:
[2]http://www.bcu.ac.uk/about-us/contact-de...

 

RESPONSE TO REQUESTS 2 - 4 (inclusive):

 

Information concerning the University’s cyber security systems is exempt
from disclosure in accordance with the exemption at Section 31(1) of the
FOIA (Law enforcement) and in accordance with the exemption at Section
43(2) (prejudice to commercial interest). The information could be used to
compromise the effectiveness of the security measures which could
prejudice the prevention or detection of crime and prejudice the
commercial interests of the University. Any public interest in openness
and transparency and ensuring best value is obtained by BCU would not be
satisfied by the disclosure of the information requested in this case,
whereas BCU would be likely to be hindered in its ability to prevent and
detect cyber threats against it and within its commercial relationships
and its ability to build trusting and lasting relationships with its
suppliers. There is sufficient information in the public domain to enable
informed debate and participation in open tender processes and in relation
to BCU spend on and the use of and procurement of operating systems with
information published annually by BCU though its report of the Board of
Governors and Audited Accounts. Such reports being available publically on
our website at:
[3]http://www.bcu.ac.uk/about-us/corporate-...
information on BCU procurement and tender opportunities is also available
at
[4]http://www.bcu.ac.uk/about-us/corporate-....

 

 

If you are dissatisfied with the handling of your request, you have the
right to ask for an internal review.  Requests for an internal review
should be made to the Information Governance Manager at
[5][Birmingham City University request email] or by writing to: Information
Governance Manager, Birmingham City University, 15 Bartholomew Row,
Birmingham, B5 5JU.

 

If you are not content with the outcome of the internal review, you have
the right to apply directly to the Information Commissioner for a
decision. Please see [6]https://ico.org.uk/concerns/getting/ for details
of their procedure. The Information Commissioner can be contacted at:
Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow,
Cheshire, SK9 5AF.

 

Information Management Team

Birmingham City University

15 Bartholomew Row

Birmingham

B5 5JU

 

T: 0121 300 5288

E: [7][Birmingham City University request email]

 

 

References

Visible links
1. http://www.bcu.ac.uk/
2. http://www.bcu.ac.uk/about-us/contact-de...
3. http://www.bcu.ac.uk/about-us/corporate-...
4. http://www.bcu.ac.uk/about-us/corporate-...
5. mailto:[Birmingham City University request email]
6. https://ico.org.uk/concerns/getting/
7. mailto:[Birmingham City University request email]