I would like to submit an FOI request regarding the challenges your council has faced during the pandemic. Specifically, I would like responses to the following questions:

1.
a) How many people do you employ?
1361.
b) How many of your employees were moved to remote working from March 2020?
95%

2.
a) Did COVID-19 and the move to remote working mean you had to make additional investments in security in order to support remote working?
No additional expense on security as we already had a mobile and remote working workforce.
b) If yes, how much (if possible)?
Not applicable.

3. If answered YES to question 2 (a) above) Where did the budget for additional investments in security in order to support remote working come from?
• From the wider IT budget
• From reducing investment in other services
• From council savings
• From selling council assets – e.g. property.
Not applicable.

4. Does your organisation plan to continue using remote working more post-COVID-19 than it did pre-COVID-19?
Yes.

5. For each of the following, can you indicate whether you a) have invested more in the item below after March 2020, and b) plan to invest further in the future.
a) Secure VPN access for remote workers: No further investment, but we do plan to invest in future and when required.
b) Encryption for remote workers (e.g. software encryption, thumb drives): The Council is part of PSN, we already adopt a strong data security policy and use encryption of data on all mobile devices.
c) Identity and access management: This was already in place.
d) Security Information and Event Management (SIEM) tools (e.g. Splunk): We do have monitoring in place, but I am unable to confirm exactly/how.
e) Endpoint security: Yes, in place.
f) Increased security training for remote workers: Yes, partly but we did already have this covered.
g) Security posture assessment to understand any impacts from the move to remote working and identify any gaps in security: We continually monitor network access and traffic.

6).Have any of your employees been prevented from working remotely because it wasn’t possible to guarantee secure access to data?
No.

7. Have you had reported to you and/or identified any cyber-attacks made against remote employees (e.g., phishing, man-in-the-middle attacks, brute force attacks against VPNs)?
a) How many of these were identified / reported from March 2020 onwards?
b) How many were identified / reported in the 12 months before March 2020 (i.e. March 2019 – February 2020)?
One major activity/threat at the end of the year 2020 which was managed without any data breaches.