Scottish Government launches new public sector cyber resilience plan

Published: Thursday, 09 November 2017 09:55

At an event hosted by CBI Scotland, Scottish Government Deputy First Minister John Swinney announced the publication of a new public sector action plan on cyber resilience, aimed at protecting Scotland’s public sector against cyber attacks. The new plan will encourage all public bodies across Scotland to improve resilience by implementing common baseline cyber security protocols across their organizations.

Entitled ‘Safe, secure and prosperous: a cyber resilience strategy for Scotland’ the plan includes active threat intelligence sharing; clear cyber incident response protocols; and appropriate independent assurance that critical protection against the most common forms of attack is in place.

Deputy First Minister Swinney said:

“I want Scotland to be a world-leading nation in cyber resilience by 2020. The Scottish Government recently committed to developing a range of action plans to help meet this ambition, including in the key areas of learning and skills, economic opportunity, and public, private and third sector cyber resilience. Our public sector action plan will encourage all public bodies, large or small, to achieve common standards of cyber resilience. I want our public sector to lead by example on strengthening cyber security, to help ensure Scotland is ready to deal with all emerging threats.”

Hugh Aitken, Director of CBI Scotland, serves as chair of Scotland’s National Cyber Resilience Leaders’ Board, a cross-sector group that brings together leaders and experts in cyber resilience to help provide advice, challenge and support to the Scottish Government’s work on cyber resilience. Mr Aitken said:

“Now more than ever cyber security has to be an important priority for Scottish businesses and public bodies. From WannaCry to NotPetya we’re all familiar with the significance of recent cyber attacks and recognise just how important it is that we stay vigilant and do whatever we can to get on the front foot. 

“The public sector action plan on cyber resilience marks an important step on the journey to making Scotland a more cyber secure country. Ensuring all public bodies have a baseline standard for cyber resilience could be the difference between repelling an attack or having to deal with a raft of legal and reputational consequences.

“While we’re naturally focussed on cyber resilience and preventing vulnerability, increasing cyber resilience also offers huge opportunities for the Scottish economy. Cyber security is a rapid growth sector and, with significant expertise in software development, tech innovation and fintech, Scotland is ideally placed to take advantage and become a global leader in the field.”

Read the Safe, secure and prosperous: a cyber resilience strategy for Scotland document (PDF).