Scotland’s new Cyber Resilience Framework
The Scottish Government sets out its new strategy to ensure Scotland is a digitally secure and cyber resilient nation.
Launched during Cyber Scotland Week, The Strategic Framework for a Cyber Resilient Scotland builds upon the Scottish Government’s first cyber resilience strategy, which was published in 2015, expanding on its achievements and tackling new and ongoing challenges.
Digital technologies are critical to the functioning of society and the economy and this new Framework recognises that cyber resilience is not simply an ‘IT issue’, but rather the very backbone to the country’s operational resilience and business continuity – and to its capacity to grow and flourish as it adapts to a increasing demands of operating online.
Recent incidents like the ransomware attack on the Scottish Environment Protection Agency (SEPA) have only solidified the need to be able to orchestrate a national response which can rapidly mobilise the support that organisations need to detect, respond and recover from a major cyberattack. And the new Framework emphasises the need for a secure-by-design approach for the public sector, across the supply chain.
Therefore, Scotland’s pathway to achieving its vision will be cemented by a partnership which will bring the public and private sectors together to help raise cyber resilience awareness, skills, standards; and to foster a collective capability to respond to a major cyber incident.
Indeed, the Framework focuses on 4 outcomes, which are as follows:
- People recognise cyber threats and are well prepared to manage them.
- Businesses and organisations recognise the cyber risks and are well prepared to manage them.
- Digital public services are secure and cyber resilient.
- National cyber incident response arrangements are effective.
There a number of cross-cutting enablers which will help realise the Framework’s strategic ambitions and these will ensure consistency of effort and impact across sectors; assist with reporting against specific activities; and provide structure for the public sector, private sector, third sector, and learning and skills action plans which underpin the outcomes. These enablers are:
- Knowledge of risk and threat
- Tools, processes, standards, regulations and compliance
- Learning and skills
- Incident management, response and recovery
- Access to cyber security technical expertise
- Innovation and academic research
The Framework, which will be overseen by the National Cyber Resilience Advisory Board, is not time-bound, but its action plans will run from 2021 to 2023; and these will be reviewed annually to monitor progress made using the strategic indicators set out in Annex D. Furthermore, Scotland’s Framework and the UK Government’s National Cyber Security Strategy are mutually supportive.
A partnership approach
The Cyber Scotland Partnership is a collaboration of key strategic stakeholders – including the Scottish Government, SCVO, NCSC, Police Scotland and Skills Development Scotland – which will help to coordinate efforts to improve Scotland’s cyber resilience; and drive the activities which will help to achieve the Framework’s outcomes.
One of the first steps the partnership has taken is to launch CyberScotland.com aimed to be a one-stop-shop for advice, guidance and resources on cyber services, incident response, and cyber skills and careers.
Read more about Scotland’s cyber resilience framework here.
Latest News from
Let’s use our heads to solve digital exclusion09/04/2021 16:05:00
On 20 April, techUK will host its Open Finance and Inclusion Summit. During the conference's final panel, sponsored by LexisNexis Risk Solutions, speakers will explore how to unlock digital finance for all.
Digital Inclusion Might be The Best Approach to The Future Of Cash09/04/2021 12:20:00
Few countries have taken to digital payments as enthusiastically as the UK. With Covid-19 accelerating pre-existing trends in consumer behaviour, digital payments have overtaken cash as the most popular means of paying for goods and services.
Financial Inclusion - The Global Issue09/04/2021 09:05:00
Financial exclusion is a major problem globally with billions of people unable to access standard financial services.
How banks can achieve the promise of open banking with a data mesh architecture08/04/2021 16:05:00
The changes that banking is set to undergo over the next decade will be both radical and fundamental. CDOs should use this opportunity to drive greater organisational agility through agile approaches to enterprise data architecture.
Sea of change requires a new agility to surge ahead in Open Banking08/04/2021 14:15:00
Banks, once so serene, now find themselves in a sea of change that demands a new type of agility.
Open Finance: why it is so important particularly in relation to geospatial and urban planning data08/04/2021 12:05:00
It has been said many times that data is the oil of the digital age, but this metaphor is frequently misunderstood.
Who owns your bank data?08/04/2021 10:20:00
For years, the answer to this question was straightforward: your bank. But then digitisation happened, and with it came many new services: Spotify suggested music you might like, Uber plotted your best route home. Slowly, people started to see the power of data to deliver more convenient and personal services.
Digital Markets Unit set up in Competition and Markets Authority07/04/2021 15:10:00
A DCMS press release has confirmed the ‘shadow’ launch of the Digital Markets Unit based in the Competition and Markets Authority to start looking at how codes of conduct would work in practice to promote competition in digital markets.
Data – The Key to Unlocking Financial Inclusion07/04/2021 09:05:00
Data is a simultaneously the most exploited and the most under-used commodity of the digital age.