MoJ plans £250k cybersecurity review
Department looks to cultivate ‘modern security stack’
Credit: Kirsty O'Connor/PA
The Ministry of Justice is seeking a partner to assist with a “comprehensive review” and subsequent update of its security policies and guidance.
The MoJ is looking to appoint a supplier to a contract of up to one year designed to ensure it has a “modern security stack” comprising policies, standards, guidelines, and procedures to apply to its use of technology.
The organisation wishes to conduct an all-encompassing review of existing security arrangements across the central department, its agencies, arm’s-length bodies, and other related entities. Having completed this process, the MoJ wishes to implement “revised documentation with keenly modernised positions”.
- Ministry of Justice sets minimum security standards for AWS
- MoJ digital chief: ‘Prisons have been bypassed by the digital revolution – that is our next really big challenge’
- MoJ awards £16m deal for courts service centre telephony
Such documents will ultimately be used by departmental staff and contractors, as well as by external suppliers.
“The MoJ has been working on improving its IT security policies and guidance to update them into modern, pragmatic, user-centric content,” the department said. “Our goal is to have an updated portfolio that enables digital and technology delivery teams, and all of our suppliers, to easily understand their responsibilities with regards to security and privacy matters, and provide clear guidance on good ways to achieve good security outcomes. This will enable our security specialists to focus on the more complex and challenge security problems we face.”
The review, which will last up to 12 months, will commence with an opening discovery exercise to take place at the MoJ’s offices. Once the process starts in earnest, the chosen supplier will be expected to provide the department with progress updates at least once a fortnight.
Bids for the project, for the which the MoJ has a budget of £250,000, are open until 26 August, with work due to commence shortly thereafter. The department expects to evaluate about five suppliers. The winning bidder will work alongside the security and privacy team that sits within the MoJ Digital and Technology unit.
Department’s annual report shows, for the first time in many years, documents or data lost from a secure government building had to be reported to the ICO. PublicTechnology finds out more...
Government attributes 2018 campaign to Moscow and claims more assaults were planned for cancelled 2020 summer games
Airline slapped with record penalty by ICO – albeit one that is grossly reduced on the regulator’s original intention
Ministry picks Automation Logic for deal related to ‘modernisation platform’
Organisations need to understand that a single cybersecurity solution alone is not infallible and instead should move towards a multi-layered approach to security, according to experts from...