Associate feature: Annual ICT event welcomes Scottish public sector as cyber deadlines loom
The Scottish Government wants the public sector in Scotland to lead on cyber resilience
Digital data - Image credit: IT Governance
The deadline for GDPR (General Data Protection Regulation) compliance may be a thing of the past, but the battle to comply with the Scottish Government’s cyber resilience scheme is very much part of the present.
Since 2017, Scotland has attempted to lay the cyber resilience groundwork for what they hope will see the public sector become as secure as possible and able to recover quickly when cyber attacks succeed.
While a large proportion of Scottish public bodies already have cyber security measures in place, it’s the aim of Scottish ministers for the entire public sector to become an exemplar of cyber resilience.
Cyber crime is perhaps the single biggest threat to modern businesses, and attacks are continuously on the rise.
Attacks such as the WannaCry outbreak of 2017, which saw more than 300,000 computers infected, have accelerated this legislation.
Several requirements have been issued to those in the public sector regarding how government departments, local authorities and NHS boards can become more secure online.
The Scottish Government expects public bodies to have achieved an ‘initial baseline stage’ by June 2018 (or the end of October 2018 in the case of Cyber Essentials certification and independent assurance of critical controls), whereby a common baseline of good cyber resilience practice is in place.
They are also expected to align themselves with the new Security Policy Framework Technology Security Standard and other key existing standards and guidelines.
Organisations can become compliant by taking the necessary steps sooner rather than later, such as ensuring staff have undertaken cyber resilience training and having a cyber incident response plan in place.
Last week in Edinburgh, figures from Scotland’s public sector were brought together at Holyrood’s 7th Annual Connect Conference, the country’s premier public sector ICT event, to discuss digital transformation and integration across the sector and how to meet current and future opportunities and challenges.
The event was attended by leading cyber security expert IT Governance, fresh from opening its new Edinburgh base.
IT Governance is a global provider of IT governance, risk management and compliance solutions, with a special focus on cyber resilience, data protection, the PCI DSS (Payment Card Industry Data Security Standard), ISO 27001 and cyber security.
Offering solutions and answers to the public bodies in attendance, IT Governance’s presence at the event coincides with the landmark shift in the sector’s attitude towards cyber security.
With 15 years’ experience advising global businesses and government bodies, IT Governance is able to offer the public sector cost-saving and risk-reducing solutions, including everything the sector needs to achieve cyber resilience – standards, books, free resources, webinars, policies and procedure templates, gap analysis tools, PCI DSS compliance, ISO 27001 certification, business continuity and incident response management consultancy, training, penetration testing, staff awareness courses and software, many of which the Scottish Government has identified as being able to help with cyber resilience.
Alan Calder, founder and executive chairman of IT Governance, said: “The Scottish Government’s legislation is something that we as an industry welcome to encourage this sector to incorporate effective cyber resilience into its practices.
“What’s fantastic to see is that the scheme aligns with leading examples of cyber security, such as the international information security standard, ISO 27001, and the UK’s Cyber Essentials Scheme, and that the Scottish Government has acknowledged that effective business continuity management is a crucial part of a comprehensive cyber resilience programme.”
To find out more about cyber resilience products and services, visit the IT Governance website or email firstname.lastname@example.org or call the Scottish team on +44 (0)131 564 1214 to get in touch with the consultancy team.
Anna Drysdale is the regional marketing manager for Scotland at IT Governance.
The NCSC warned that “it’s important to apply these updates quickly, to make it as hard as possible for attackers to get in”
Ciaran Martin, the chief executive of the NCSC, stated publicly that the UK suffering a category-one cyberattack is “a matter of when, not if”
Open Standards Board concludes process for selecting standards to be applied to the use of “cyberthreat intelligence systems”
Technologies that will be supported include “mini-drones” that can provide an aerial view of a battlefield, and remote-control systems for combat vehicles
With the annual worldwide cost of cybercrime set to double from $3tn in 2015 to $6tn by 2021, BT offers advice on how chief information security officers can better...
Vodafone explores some of the ways IoT is significantly improving public sector service delivery
BT's Amy Lemberger argues that having the right security in place to protect your organisation is no longer just an option. It is a necessity.