Quickly exit this site by pressing the Escape key Leave this site
We use some essential cookies to make our website work. We’d like to set additional cookies so we can remember your preferences and understand how you use our site.
You can manage your preferences and cookie settings at any time by clicking on “Customise Cookies” below. For more information on how we use cookies, please see our Cookies notice.
Your cookie preferences have been saved. You can update your cookie settings at any time on the cookies page.
Your cookie preferences have been saved. You can update your cookie settings at any time on the cookies page.
Sorry, there was a technical problem. Please try again.
This site is a beta, which means it's a work in progress and we'll be adding more to it over the next few weeks. Your feedback helps us make things better, so please let us know what you think.
FOI Reference: 37/2024
Request 1 - 7:
1) Who provides your WAN and internet connectivity and the annual spend on each?
2) Have you or do you plan to deploy SD Wan services?
3) Have you got SIP trunks? if so who from and confirm annual spend?
4) Please confirm who provides your LAN, WIFI and Security infrastructure and can you please confirm your annual spend on each?
5) Please confirm your data centre switching and security infrastructure and have you deployed cloud-based security and threat management?
6) Can you provide contact details for your procurement lead / category manager for these services?
7) Can you provide names and contact details for the following people within your organisation?
Response 1:
I can confirm that Dyfed Powys Police holds the information requested;
Welsh Government PSBA contract.
Rolling contract – main contract awarded in 2016 for a 5 years with options to extend (option to extend has been taken up).
Sites – 48
Spend - £25,332 per quarter.
Response 2:
I can confirm that Dyfed Powys Police holds the information requested;
No yet but it’s on our roadmap. Timescales are as yet uncertain.
Response 3:
I can confirm that Dyfed Powys Police holds the information requested;
Yes, with Gamma. Annual spend circa £24k per year
Response 4:
I can confirm that Dyfed Powys Police holds the information requested;
All services supported and installed by in-house staff.
Response 5:
Dyfed Powys Police can neither confirm nor deny that it holds any other information with regard to an exempt body as the duty in Section 1(1)(a) of the Freedom of Information Act 2000 does not apply by virtue of the following exemptions:
Section 24(2) National Security
Section 31(3) Law Enforcement
Sections 24 and 31 are prejudice based qualified exemptions, and both evidence of harm and public interest considerations are required.
Evidence of Harm:
Every effort should be made to release information under Freedom of Information. However a FOIA response is considered to be a release to the world, as once the information is published the public authority have no control over what use is made of that information.
The Police Service is charged with enforcing the law, preventing and detecting crime and protecting the communities they serve. In order to achieve these objectives all forces utilise Information Technology essential to front line services. Disclosure of information regarding certain IT services, capabilities and security infrastructure in concert with any formal acknowledgement of strategic deficiency, would reveal intricacies of those systems thereby highlighting vulnerabilities and compromising individual force information assurance.
To confirm or deny whether information is held in relation to data centre switching, security infrastructure and cloud based security and threat management, would release sensitive information around the force’s network infrastructure. It would place the network infrastructure at increased risk of attack, as the information could be used by individuals with criminal intent to help identify and navigate around current security measures. This subsequently impacts on the effective delivery of operational law enforcement as it would leave forces open to cyber-attack which could render computer devices essential to critical policing functions obsolete.
This type of information would be extremely beneficial to offenders, including terrorists and terrorist organisations. It is vitally important that information sharing takes place to support counter-terrorism measures in the fight to deprive terrorist networks of their ability to commit crime. To confirm or deny information is held about data centre switching, security infrastructure and cloud based security and threat management, would be extremely useful to those involved in terrorist activity as it would enable them to map vulnerable information security databases. These risks are all the more relevant when requests are make to multiple forces as disclosure would enable a geographical picture to be drawn up by those individuals who are intent on ‘hacking’ police systems.
Public Interest Test
Section 24(2) National Security
Factors favouring complying with Section 1(1)(a) confirming that information is held:
The public are entitled to know how public funds are spent and how resources are distributed within an area of policing. To confirm or deny whether information is held, would enable the general public to hold the police to account on the appropriate security measures and systems they have are in place, and enable improved public debate into this subject in terms of the use of public funds.
Factors against complying with Section 1(1)(a) confirming or denying that information is held:
Security measures are put in place to protect the community we serve. As evidenced within the harm to confirm information is held would highlight to terrorists and individuals intent on carrying out criminal activity vulnerabilities within the police service.
Taking into account the current security climate within the United Kingdom, no information (such as the citing of an exemption which confirms information pertinent to this request is held, or conversely, stating ‘no information is held’) which may aid a terrorist should be disclosed. To what extent this information may aid a terrorist is unknown, but it is clear that it will have an impact on a force’s ability to monitor terrorist activity.
Irrespective of what information is or isn’t held, the public entrust the Police Service to make appropriate decisions with regard to their safety and protection and the only way of reducing risk is to be cautious with what is placed into the public domain.
The cumulative effect of terrorists gathering information from various sources would be even more impactful when linked to other information gathered from various sources about terrorism. The more information disclosed over time will give a more detailed account of the tactical infrastructure of not only a force area, but also the country as a whole.
Any incident that results from such a disclosure would, by default, affect National Security.
Section 31(3) Law Enforcement
Factors favouring complying with Section 1(1)(a) confirming that information is held:
Confirming whether or not information exists, would lead to a better informed public and may encourage individuals to provide intelligence in order to reduce the risk of police networks being hacked.
Factors against complying with Section 1(1)(a) neither confirming nor denying that information is held:
Confirmation or denial information is held in relation to data centre switching, security infrastructure and cloud based security and threat management would undermine current and future technological integrity, which in turn compromises the force’s mandate to protect the safety of the public through effective policing practices. Confirming or denying information is held is intelligence to those who would wish to exploit vulnerabilities in the service and compromise of force IT systems. Ultimately this negatively affects law enforcement capabilities, hinders the prevention and detection of crime and risks public safety.
Confirmation or denial that information is held would suggest the police take their responsibility to protect information and information systems from unauthorised access, destruction, etc., dismissively and inappropriately.
Response 6:
I can confirm that Dyfed Powys Police holds the information requested;
Mark Hall, Senior ICT Operational Manager
(01267) 226409
Response 7:
I can confirm that Dyfed Powys Police holds the information requested;
Head of IT – Dr. Stephen Havard – (01267) 226400
No IT Director
No Head of Digital
Mark Hall, Senior ICT Operational Manager – (01267) 226409
(incorporates Infrastructure, Networking and Cyber Security)
It should be noted that as a result of the systems adopted by Dyfed-Powys Police in relation to the recording of such information that the information released may or may not be accurate.
(This is a response under the Freedom of Information Act 2000 and disclosed on 23/04/2024)