Thursday, 3 June 2021
Department of Justice and Equality
My Department takes the issues of cyber security very seriously and implements a security-by-design and defence-in-depth approach. The Information Management and Technology (IM&T) unit operates and monitors all relevant systems to the highest levels, and is closely engaged with colleagues in the Office of the Government Chief Information Officer (OGCIO) and the National Cyber Security Centre (NCSC) to ensure that we follow best practice as it relates to all aspects of cyber security.
The Deputy will appreciate that, for operational and security reasons, it is not the practice to disclose details of systems and processes as this could compromise those efforts. In particular, it is not considered appropriate to disclose information which might assist criminals to identify potential vulnerabilities in security arrangements.
I can say that, over the last 7 years, my Department has made considerable enhancements to its ICT systems and services. This includes migrating our technology infrastructure and completing a refresh of the major server and telecommunications components of the IT landscape. We also transitioned to a new managed service provider and since doing so have consistently delivered in excess of 99.5% system availability. We have significantly expanded our use of OGCIO's 'build-to-share' applications to include eSubmissions, eFOI, ePQs, eCorrespondence and eDocs.
Dramatically increasing digital services through the justice sector to support our modernisation and reform agenda is a core priority of Justice Plan 2021.
Earlier his year my Department recruited a specialist Chief Information Officer (CIO) at Assistant Secretary level to lead our team in the implementation of its IMT strategy which will see further enhancement of systems and increased digital transformation across our public facing services. This will include moving from our legacy case-management systems to more modern flexible platforms.
I should add that since the introduction of GDPR and the Data Protection Act in 2018 which affords considerable protections to personal data, my Department has devoted significant resources to ensuring compliance with the requirements of that legislation. A dedicated team, led by the Data Protection Officer, oversees all aspects of data protection on an ongoing basis and policies and procedures in relation to all aspects of data security are in place.