CATEGORIES
CyberScotland Bulletins UpdatesThe CyberScotland Bulletin is designed to provide you with information about the latest threats, scams, news and updates covering cyber security and cyber resilience topics. We hope you continue to benefit from this resource and we ask that you circulate this information to your networks, adapting where you see fit. Please ensure you only take information from trusted sources.
If there are any cyber-related terms you do not understand, you can look them up in the NCSC Glossary.
Please subscribe to our CyberScotland mailing list to be notified by email when a new bulletin is published.
Keep up to date on social media, follow us on Twitter and LinkedIn.
CyberScotland updates
News and updates from CyberScotland and our partner network
CyberUK 2026 brought global cyber leaders to Glasgow
CYBERUK 2026 took place in Glasgow from 21–23 April, bringing together over 2,500 cyber security leaders, practitioners and policymakers from across the UK and beyond. Hosted by National Cyber Security Centre (NCSC), this year’s programme explored how to accelerate cyber defence in response to an increasingly complex threat landscape. The Scottish Government hosted CyberScotland Street and the CyberScotland Pavilion, showcasing Scottish-based cyber security companies and the CyberScotland Partnership.
During the event, the NCSC recommended that passkeys, instead of passwords and passcodes, were the most secure option for online accounts. It is expected that we will hear more advice and guidance on this over the coming months. More information can be found here: Passkeys: what you need to know | National Cyber Security Centre.
CyberScotland launches Secure Finance campaign to tackle online fraud
CyberScotland has launched its latest campaign, Secure Finance, highlighting the growing threat of cyber criminals targeting people’s money through scams such as fake cryptocurrency investments, SIM-swapping and copycat websites. The campaign encourages individuals and organisations across Scotland to stay vigilant and adopt simple steps to protect their financial information.
AI cyber threats: open letter to business leaders
The UK Government has written an open letter to business leaders on the steps organisations should take to protect against AI-driven cyber threats. A new generation of AI models are able to exploit software weaknesses at a pace and scale not seen before. Cyber security should be seen as an essential part of running a business today.
Cyber Essentials changes coming into effect from April 2026
Updates to the Cyber Essentials scheme come into effect this month, reflecting changes in technology and evolving cyber risks. The updates aim to strengthen baseline security requirements and ensure the certification continues to provide effective protection against common cyber threats for organisations of all sizes.
Scotland’s tech innovators recognised at Digital Tech Awards 2026
ScotlandIS has announced the winners of the Digital Tech Awards 2026, celebrating innovation and impact across Scotland’s technology sector. The awards highlighted a diverse range of organisations spanning AI, cyber security and digital transformation, with a new AI Trailblazer category recognising the growing importance of artificial intelligence to Scotland’s digital economy.
UK exposes Russian military intelligence targeting vulnerable routers
The UK’s National Cyber Security Centre (NCSC) has revealed that Russian military intelligence actors have been exploiting vulnerable internet routers to support cyber-attacks and espionage activity. The NCSC is urging organisations and individuals to apply security updates, secure device access and review network configurations to reduce the risk of compromise.
In other news…
Cyber security news from Scotland and the rest of the UK
More than half of small businesses in Scotland are ‘vulnerable’ to cyber attacks
According to a poll carried out by Glasgow and Ayrshire-based IT support specialist Innovec, over half of Scotland’s small businesses say they are vulnerable to a cyber attack, and 88% either had no formal cyber security policy or were unsure.
NHS Scotland domains compromised in website hijacking incident
Several NHS Scotland-linked domains have been compromised and used to host inappropriate content, including links to adult material and illegal streaming sites. Cyber security teams from NHS Greater Glasgow and Clyde and Public Services Delivery Scotland are working to investigate and contain the incident, with no evidence that patient data or national NHS systems have been affected.
Cyber crime surge outpaces policing capacity in the UK
New analysis published by Forbes Solicitors has highlighted that cybercrime in the UK is growing significantly faster than the resources available to tackle it, with reported offences rising sharply in recent years while specialist policing capacity has increased at a much slower rate. At the same time, proposed legislation to strengthen cyber resilience and restrict ransomware payments could increase compliance requirements for businesses, placing greater responsibility on organisations to strengthen defences and manage cyber risk.
Rockstar Games suffers third party cloud hack
Videogame producer Rockstar Games has suffered another cyber security breach, this time in the form of a cloud hack by threat actor ShinyHunters, allegedly through a vulnerability exposed by a breach on Anodot, a third-party cloud analytics software service.
Cyber attack disrupts Northern Ireland school network
A cyber attack on a centralised school IT system in Northern Ireland has caused widespread disruption, affecting access to digital services used by hundreds of thousands of pupils and teachers. The incident led to temporary shutdown of the network while investigations and recovery efforts were carried out, highlighting the critical role of digital infrastructure in education and the impact cyber incidents can have on learning and operations.
The CyberScotland Bulletin is a monthly roundup of news and updates on cyber security and resilience with a particular focus on Scotland. Feel free to forward it to anyone in your network who might benefit from it.
Please ensure you only take information from trusted sources. The NCSC has a useful glossary of cyber terms you may wish to reference while you read the bulletin.
For more regular updates follow CyberScotland on X or LinkedIn, Instagram, Facebook and BlueSky.
Remember, to report an email phishing attempt, forward your email to the National Cyber Security Centre: report@phishing.gov.uk
If you are a victim of cyber crime, please report it to Police Scotland by calling 101.
The CyberScotland Partnership is a collaborative leadership approach to focus efforts on improving cyber resilience across Scotland.
The Scottish Government’s key strategic stakeholders have come together in a formal partnership arrangement to drive the delivery of activities that will achieve the outcomes of The Strategic Framework for a Cyber Resilient Scotland.