MoJ develops cyber security log platform

Written by Peter Walker
28/11/19

The Ministry of Justice (MoJ) has begun work to collect its cyber security logs in an aggregation platform, after identifying that it was not able to fully understand the situation around its estate, as the logs are held in multiple systems.

The government department is now aiming to develop a single, centralised store of logs that can be more easily queried to help correlate information on attacks and track the behaviour of cyber attackers.

The MoJ’s security and privacy team has already created a proposed architecture, based on its Kubernetes cloud hosting environment on Amazon Web Services, which has been approved by technical authorities as the basis for the platform.

It is now running a procurement process for support in testing and possibly implementing the suggested architecture over the first quarter of 2020, with the aim of the platform in an operable state by the second quarter.

In August, the MoJ indicated that it was working on a new set of policies, standards, guidelines and procedures to strengthen its cyber security; including the creation of a ‘stack’ for its digital and technology delivery teams to understand their relevant responsibilities.