Suppliers and Vendors (Cyber)

The request was partially successful.

Dear Perth and Kinross Council,

Under the freedom of information act 2000. I write to obtain the following details:

1) Name and role for IT Manager(s) / Officer(s) primarily responsible for cyber security

2) Names of all cyber security providers you work with and buy from

3) Names of all cyber security vendor(s) you use

3b) Renewal date for the above vendor(s)

3c) Cost and duration for the above contract(s)/license(s)

3d) For what purpose do you use the vendor
(E.g. Firewalls E.g.2 Anti-virus E.g.3 Vulnerability scanning E.g.4 PCI)

4) Number of websites the council is responsible for securing

Many thanks,
Tom Collins

FOI - Generic Email Account, Perth and Kinross Council

Dear Mr Collins

 

Freedom of Information (Scotland) Act  2002

Request for Information – Cyber Security

 

I acknowledge receipt of your request for information dated 07 September
2017.

 

I understand that the information you seek is:-

 

1)    Name and role for IT Manager(s) / Officer(s) primarily responsible
for cyber security

 

2)    Names of all cyber security providers you work with and buy from

 

3)    Names of all cyber security vendor(s) you use

a.    Renewal date for the above vendor(s)

b.    Cost and duration for the above contract(s)/license(s)

c.    For what purpose do you use the vendor (E.g. Firewalls E.g.2
Anti-virus E.g.3 Vulnerability scanning E.g.4 PCI)

 

4)    Number of websites the council is responsible for securing

 

I am currently dealing with your request and will issue my response no
later than 06 October 2017 which is 20 working days as permitted in terms
of section 10(1) of the above legislation.

 

If you do not agree with my interpretation of your request you should
contact me immediately.

 

Please use the reference Number ATI 2017 09 08 001 in any future
correspondence relating to this request.

 

Yours sincerely

 

 

 

 

 

Information Officer

Legal & Governance Services

Perth and Kinross Council

2 High Street

Perth

PH1 5PH

Telephone 01738 477936

 

 

 

 

 

Securing the future... - Improving services - Enhancing quality of
life - Making best use of public resources.

The information in this email is solely for the intended recipients.

If you are not an intended recipient, you must not disclose, copy,
or distribute its contents or use them in any way: please advise
the sender immediately and delete this email.

Perth & Kinross Council, Culture Perth and Kinross and TACTRAN do not
warrant that this email or any attachments are
virus-free and does not accept any liability for any loss or damage
resulting from any virus infection. Perth & Kinross Council may
monitor or examine any emails received by its email system.

The information contained in this email may not be the views of
Perth & Kinross Council, Culture Perth and Kinross or TACTRAN.
It is possible for email to be falsified and the sender cannot be
held responsible for the integrity of the information contained in it.

Requests to Perth & Kinross Council under the Freedom of
Information (Scotland) Act should be directed to the Freedom of
Information Team - email: [Perth and Kinross Council request email]

General enquiries to Perth & Kinross Council should be made to
[email address] or 01738 475000.

General enquiries and requests under the Freedom of Information (Scotland)
Act
to Culture Perth and Kinross should be made to
[email address] or 01738 444949

General enquiries to TACTRAN should be made to
[email address] or 01738 475775.

Securing the future... - Improving services - Enhancing quality of
life - Making best use of public resources.

FOI - Generic Email Account, Perth and Kinross Council

Dear Mr Collins

 

Freedom of Information (Scotland) Act 2002

Request for Information – Cyber Notes

 

I refer to your request for information dated 07 September 2017.

 

The information you requested was:-

 

1)    Name and role for IT Manager(s) / Officer(s) primarily responsible
for cyber security

 

2)    Names of all cyber security providers you work with and buy from

 

3)    Names of all cyber security vendor(s) you use

a.    Renewal date for the above vendor(s)

b.    Cost and duration for the above contract(s)/license(s)

c.    For what purpose do you use the vendor (E.g. Firewalls E.g.2
Anti-virus E.g.3 Vulnerability scanning E.g.4 PCI)

 

4)    Number of websites the council is responsible for securing

 

Response

 

Relative to the above, I have been advised of the following:

 

1.    Perth & Kinross Council does not have an IT manager who specifically
has ‘cyber security’ in their job description or title. ‘Cyber Security’
is considered to be part of all IT functions and is just part of business
as usual, so the responsibility of all IT managers. In terms of section
17(1)(b) of the Freedom of Information (Scotland) Act 2002, this is formal
notice that this information is not held.

 

2.    Perth & Kinross Council does not actively work with or buy from any
particular provider. In terms of section 17(1)(b) of the Freedom of
Information (Scotland) Act 2002, this is formal notice that this
information is not held.

 

3.    For Information Security this year we have used SureCloud to carry
out our annual IT Health Check. This was a one off activity therefore
there is no renewal date. However, we do not currently ‘use’ any provider.
The cost of this was £7,800.

 

PCI Quarterly External vulnerability scanning is carried out by NCC. This
contract expires in approximately 5 quarters. The renewal date will be the
date of the last test, which is as yet unknown. In terms of section
17(1)(b) of the Freedom of Information (Scotland) Act 2002, this is formal
notice that this information is not held. The cost of this contract was
£3,708, which was paid in 2012.

 

4.    17. Please be advised that the responsibility for securing these
sites will be split between the Council, the supplier, additional 3^rd
parties and the hosting company. The split varies for every site.

 

 

You have a right to request a review of the Council’s decision. Please
click [1]here to view a copy of our information leaflet which explains the
right of review.

 

Should you require any further explanation or assistance please do not
hesitate to contact me.

 

Yours sincerely

 

 

Information Officer

Legal & Governance Services

Perth & Kinross Council

2 High Street

Perth

PH1 5PH

Telephone: 01738 477936

 

 

 

 

 

Securing the future... - Improving services - Enhancing quality of
life - Making best use of public resources.

The information in this email is solely for the intended recipients.

If you are not an intended recipient, you must not disclose, copy,
or distribute its contents or use them in any way: please advise
the sender immediately and delete this email.

Perth & Kinross Council, Culture Perth and Kinross and TACTRAN do not
warrant that this email or any attachments are
virus-free and does not accept any liability for any loss or damage
resulting from any virus infection. Perth & Kinross Council may
monitor or examine any emails received by its email system.

The information contained in this email may not be the views of
Perth & Kinross Council, Culture Perth and Kinross or TACTRAN.
It is possible for email to be falsified and the sender cannot be
held responsible for the integrity of the information contained in it.

Requests to Perth & Kinross Council under the Freedom of
Information (Scotland) Act should be directed to the Freedom of
Information Team - email: [Perth and Kinross Council request email]

General enquiries to Perth & Kinross Council should be made to
[email address] or 01738 475000.

General enquiries and requests under the Freedom of Information (Scotland)
Act
to Culture Perth and Kinross should be made to
[email address] or 01738 444949

General enquiries to TACTRAN should be made to
[email address] or 01738 475775.

Securing the future... - Improving services - Enhancing quality of
life - Making best use of public resources.

References

Visible links
1. http://www.pkc.gov.uk/media/12752/Review...

Looking for an EU Authority?

You can request documents directly from EU Institutions at our sister site AskTheEU.org . Find out more .

AskTheEU.org