Suppliers and Vendors (Cyber)

Harry Jones made this Freedom of Information request to Sutton Borough Council

This request has been closed to new correspondence. Contact us if you think it should be reopened.

The request was partially successful.

Dear Sutton Borough Council,

Under the freedom of information act 2000. I write to obtain the following details:

1) Name and role for IT Manager(s) / Officer(s) primarily responsible for cyber security

2) Names of all cyber security providers you work with and buy from

3) Names of all cyber security vendor(s) you use

3b) Renewal date for the above vendor(s)

3c) Cost and duration for the above contract(s)/license(s)

3d) For what purpose do you use the vendor
(E.g. Firewalls E.g.2 Anti-virus E.g.3 Vulnerability scanning E.g.4 PCI)

4) Number of websites the council is responsible for securing

Many thanks,
Harry Jones

LBS FOI, Sutton Borough Council

Dear Harry Jones
FREEDOM OF INFORMATION ACT 2000 - INFORMATION REQUEST - REF NO
-F11171 (please quote in correspondence)
I acknowledge your request for information dated the 5th September 2017
relating to Suppliers and Vendors (Cyber)
Your request is being considered and, if it is held, you will receive the
information requested within the statutory timescale of 20 working days as
defined by the Freedom of Information Act 2000, subject to the information
not being exempt or containing a reference to a third party.
If appropriate, the information may be provided in paper copy, normal font
size.  If you require alternative formats, e.g. language, audio, large
print, etc. then please let us know.
For your information, the Act defines a number of exemptions which may
prevent release of the information you have requested.  There will be an
assessment and if any of the exemption categories apply then the
information will not be released.  You will be informed if this is the
case, including your rights of appeal.
If the information you request contains reference to a third party then
they may be consulted prior to a decision being taken on whether or not to
release the information to you.  You will be informed if this is the case.
A fee may be payable for this information.  This will be considered and
you will be informed if a fee is payable.  In this event the fee must be
paid before the information is processed and released.  The 20 working day
time limit is suspended until receipt of the payment.
Please be advised that in line with London Borough of Sutton's commitment
to transparency, in due course an anonymous copy of your request and our
response may be published on our website.
Yours sincerely
FOI Admin Officer
London Borough of Sutton

LBS FOI, Sutton Borough Council

Good afternoon Harry Jones
Please accept my apologies,
In your acknowledgement email just sent to you, the FOI number was wrong.
Please if referring to this request in the future, please use the FOI
Number F11171.
Thank you Kind Regards
FOI Amin Officer
London Borough of Sutton

Jason Sam-Fat,

​​Dear ​
​Mr 
​​
​Jones
​,​​
​​FREEDOM OF INFORMATION ACT 2000 - INFORMATION REQUEST - REF NO - F1
​1

​171
.​​

​​I refer to your request for information received
​ on 




​​


​05​ September
 2017
​relating to 
​​



​​


​​
​​
​Suppliers and Vendors (Cyber) and apologise
​for​ the delay in responding your FOI request.​​
​Prior to responding to your FOI request, it is important to note that
​t​he Royal Borough of Kingston and
​the ​London
​ ​Borough of Kingston operates a Shared ICT Service model. As such the
response encompasses both boroughs.
The FOI is summarised below with its associated response.
​Q1. ​Name and role for IT Manager(s) / Officer(s) primarily responsible
for cyber security
​A1. Head of Shared ICT Service - Mark Lumley.
​Q2. ​Names of all cyber security providers you work with and buy from
​​A
​2. Please see list below:​

* Checkpoint
* Kaspersky
* Qualys
* NTA
* Sapphire 
* NCC Group

​​Q3. Names of all cyber security vendor(s) you use

​​A
​3. Please see list below:​

* Checkpoint
* Kaspersky
* Qualys
* NTA
* Sapphire
* NCC Group

​​Q4. Renewal date for the above vendor(s)
​​
​​A
​4. Please see list below:​

* ​​Checkpoint - November 2017
* Kaspersky - January 2018
* NTA - December 2017 & October 2017

​​Q5. Cost and duration for the above contract(s)/license(s)
​A
​5. Last 12 months costs were:

* Checkpoint - £160k
​​
* Kaspersky - £30k
* NTA - £12k

​​Q6. For what purpose do you use the vendor (E.g. Firewalls E.g.2
Anti-virus E.g.3 Vulnerability scanning E.g.4 PCI)
​A6. ​


Please see list below:​

* ​​Checkpoint -
​Firewall
* Kaspersky -
​Antivirius
* NTA -
​Vulnerability, PCI & Pen test

​Q7. ​Number of websites the council is responsible for securing
​A7. Total of 7 internally hosted website - ​4
​in ​Kingston
​& 3 in Sutton.

If you are unhappy with the way in which your request has been handled you
have the right to ask for an internal review.  Please notify us in writing
as soon as possible with the grounds upon which you feel the appeal is
justified
​ ​to: [1][Sutton Borough Council request email]  or by post to Customer Care and Improvement
Team, Civic Offices, St Nicholas Way, Sutton, Surrey, SM1 1EA. 
We aim to respond to you within 20 working days of receiving your request.
If it is going to take longer we will let you know. 
Should you still be dissatis
fied with the outcome you have the right to refer to the Information
Commissioner: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9
5AF [2]www.ico.org.uk 
Yours sincerely,
Jason Sam-Fat
ICT Commercial Manager
Shared ICT service for Kingston & Sutton

Kingston: [3]www.kingston.gov.uk
Sutton: [4]www.sutton.gov.uk​
Disclaimers apply, for full details see :
(https://www.kingston.gov.uk/info/200281/...)

References

Visible links
1. mailto:[Sutton Borough Council request email]
2. http://www.ico.org.uk/
3. http://www.kingston.gov.uk/
4. http://www.sutton.gov.uk/