Essex County Fire & Rescue Service

Transparency Overview

Select Category

Search Site

FOI / 3725 / 2018 - Network security

Initial Request:

I am writing to make a request for information under the Freedom of Information Act 2000.

1. Does your organisation adhere to the Network Security guidance outlined by the National Cyber Security Centre, within its ?10 Steps to Cyber Security?

Yes o

No o

2. Do you ensure that security patches for critical vulnerabilities are routinely patched within 14 days, as recommended by the National Cyber Security Centre?

Yes o

No o

3. Have you suffered from any service outages on your network in the last two years, however small?

Yes o

No o

4. Did any of these outages cause a loss, reduction or impairment to your organisation?s delivery of essential services?

Yes o

No o

5. Was the root cause of the service outage identified and confirmed at the time or afterwards?

Yes o

No o

6. Is it possible that any service outages you have suffered in the last two years was caused by a cyber attack such as ransomware, DDoS attack, or malware?

Yes o

No o

7. Are you aware that Distributed Denial of Service (DDoS) attacks are a significant contribution to service interruptions, outages and downtime?

Yes o

No o

Final Response:

Thank you for your request for information under the Freedom of Information Act 2000. Please find our response to your request below.

1. Does your organisation adhere to the Network Security guidance outlined by the National Cyber Security Centre, within its 10 Steps to Cyber Security?

Yes

2. Do you ensure that security patches for critical vulnerabilities are routinely patched within 14 days, as recommended by the National Cyber Security Centre?

Yes

3. Have you suffered from any service outages on your network in the last two years, however small?

Yes

4. Did any of these outages cause a loss, reduction or impairment to your organisation?s delivery of essential services?

No

5. Was the root cause of the service outage identified and confirmed at the time or afterwards?

Yes

6. Is it possible that any service outages you have suffered in the last two years was caused by a cyber attack ? such as ransomware, DDoS attack, or malware?

No

7. Are you aware that Distributed Denial of Service (DDoS) attacks are a significant contribution to service interruptions, outages and downtime?

Yes

If you are dissatisfied with the handling of your request you have the right to apply for an internal review. Internal review requests should be submitted within two months of the date of your original email and should be addressed to: Internal Review, Performance & Data Team, Kelvedon Park, Rivenhall, Witham, Essex CM8 3HB

Please note that the response and data released to you as part of this request will be published on the Essex County Fire & Rescue Service website. The website address is http://www.transparency.essex-fire.gov.uk/ All requests will be anonymised and no personal information including contact details will be disclosed as part of this process.

Thank you for your interest in Essex County Fire And Rescue Service.