MoJ plans £250k cybersecurity review
Department looks to cultivate ‘modern security stack’
Credit: Kirsty O'Connor/PA
The Ministry of Justice is seeking a partner to assist with a “comprehensive review” and subsequent update of its security policies and guidance.
The MoJ is looking to appoint a supplier to a contract of up to one year designed to ensure it has a “modern security stack” comprising policies, standards, guidelines, and procedures to apply to its use of technology.
The organisation wishes to conduct an all-encompassing review of existing security arrangements across the central department, its agencies, arm’s-length bodies, and other related entities. Having completed this process, the MoJ wishes to implement “revised documentation with keenly modernised positions”.
- Ministry of Justice sets minimum security standards for AWS
- MoJ digital chief: ‘Prisons have been bypassed by the digital revolution – that is our next really big challenge’
- MoJ awards £16m deal for courts service centre telephony
Such documents will ultimately be used by departmental staff and contractors, as well as by external suppliers.
“The MoJ has been working on improving its IT security policies and guidance to update them into modern, pragmatic, user-centric content,” the department said. “Our goal is to have an updated portfolio that enables digital and technology delivery teams, and all of our suppliers, to easily understand their responsibilities with regards to security and privacy matters, and provide clear guidance on good ways to achieve good security outcomes. This will enable our security specialists to focus on the more complex and challenge security problems we face.”
The review, which will last up to 12 months, will commence with an opening discovery exercise to take place at the MoJ’s offices. Once the process starts in earnest, the chosen supplier will be expected to provide the department with progress updates at least once a fortnight.
Bids for the project, for the which the MoJ has a budget of £250,000, are open until 26 August, with work due to commence shortly thereafter. The department expects to evaluate about five suppliers. The winning bidder will work alongside the security and privacy team that sits within the MoJ Digital and Technology unit.
Cabinet Office offers those affected a one-year subscription to a credit-checking service
Johnson and Dyson’s text exchange shows need for new rules, believe ex-cabinet secretaries
Contract covers cloud hosting and related services
Concerns expressed after leak of messages between Boris Johnson and vacuum magnate Dyson
Higher Education institutions are some of the most consistently targeted organisations for cyberattacks. CrowdStrike explores the importance of the right cybersecurity measures.
With the backdrop of the COVID-19 pandemic, every disaster now entails responding to at least two emergencies. Dataminr explains how organisations can best prepare.