CATEGORIES
CyberScotland Bulletins UpdatesThe CyberScotland Bulletin is designed to provide you with information about the latest threats, scams, news and updates covering cyber security and cyber resilience topics. We hope you continue to benefit from this resource and we ask that you circulate this information to your networks, adapting where you see fit. Please ensure you only take information from trusted sources.
If there are any cyber-related terms you do not understand, you can look them up in the NCSC Glossary.
Please subscribe to our CyberScotland mailing list to be notified by email when a new bulletin is published.
Keep up to date on social media, follow us on Twitter and LinkedIn.
CyberScotland updates
News and updates from CyberScotland and our partner network
CyberScotland Partnership announces new Chair
The CyberScotland Partnership (CSP) has appointed Karen Meechan, CEO of ScotlandIS, as the new Chair of the Partnership, effective 1 August 2025.
Karen succeeds Clare El Azebbi, Head of the Scottish Government’s National Cyber Resilience Unit, who has held the position of Chair since 2023. Clare has played a pivotal role in shaping CSP’s direction and leading a cross-sector collaborative approach to cyber resilience in Scotland.
Karen Meechan brings extensive experience in digital innovation and cyber collaboration. She is dedicated to helping solve the challenges the cyber security industry faces in order to help Scotland’s technology landscape to thrive. We can’t wait to see what happens with Karen at the helm!
CyberScotland Partners to speak at DigitalScotland conference
Alan Gray, Head of National Cyber Security and Resilience at the Scottish Government and Jude McCorry, Chief Executive of Cyber and Fraud Centre – Scotland are among the lineup of speakers at this year’s DigitalScotland conference, taking place in Edinburgh on 19 November.
NCSC offering free cyber security sessions throughout August for SMEs
Throughout August 2025, the National Cyber Security Centre (NCSC) and IASME are offering small and medium-sized businesses a free 30-minute cyber security consultation.
Delivered by an NCSC-assured Cyber Advisor, these sessions give your organisation actionable advice to:
🔹 Strengthen your organisation’s cyber security
🔹 Understand the Cyber Essentials certification process
🔹 Take steps your organisation can implement straight away
IASME provides cyber security certification and training to small and medium businesses across the UK.
Cyber Assessment Framework v4.0 released in response to growing threat
The NCSC has launched version 4.0 of its Cyber Assessment Framework (CAF), aimed at helping organisations, particularly those in critical national infrastructure, strengthen their cyber resilience amid rising threats. It is encouraging all system owners to adopt CAF 4.0 to improve their organisation’s cyber security and resilience.
Register now for Scot-Secure West
A number of CyberScotland partners are involved in Scot-Secure West on 10 September. The event is supported by the Cyber and Fraud Centre – Scotland and ScotlandIS. Speakers include:
- Jude McCorry – CEO, Cyber and Fraud Centre – Scotland
- David Ritchie – CISO, Digital Office for Scottish Local Government
NCSC on Panorama
NCSC featured on an episode of BBC’s Panorama on ‘Fighting Cyber Criminals’. The team shared some of their work countering threats, supporting victims and empowering organisations to protect themselves. You can watch it now on iPlayer.
UK to lead crackdown on cyber criminals with ransomware measures
Hospitals, businesses and critical services are set to be protected under measures designed by UK Government to crack down on cyber criminals and safeguard the public, following public consultation on ransomware proposals.
Public sector bodies and operators of critical national infrastructure, including the NHS, local councils and schools, would be banned from paying ransom demands to criminals under the measure, with nearly three quarters of consultation respondents showing support for the proposal.
NCSC CEO shares what it really means to be cyber resilient
NCSC CEO Dr Richard Horne spoke to McCrary Institute for Cyber & Critical Infrastructure Security’s Cyber Focus podcast about what it really means to be cyber resilient and it coming down to three things – exposure, defences and consequences. You can listen to the podcast now.
ScotlandIS turns 25
CyberScotland partner ScotlandIS turned 25. Congratulations to the team for this fantastic achievement!
In other news…
Cyber security news from Scotland and the rest of the UK
Online Safety Act now enforced
New laws under the UK’s Online Safety Act have come into force. The new laws are in place to protect under-18s from harmful online content and mean that over-18s must submit age verification checks when accessing potentially harmful content. The UK Government has written a full explainer of the new laws.
UK to lead crackdown on cyber criminals with ransomware measures
Industry experts have warned that the systems for training the skilled professionals needed to secure the UK’s cyber data are no longer fit for purpose. A White Paper published by De Montfort University Leicester found that a fragmented 20th century training ecosystem risks leaving UK businesses dangerously exposed to 21st century cyber-threats.
Microsoft SharePoint faces cyber-attack
Hackers exploited a major Microsoft vulnerability chain affecting on-premises SharePoint servers, allowing them to steal cryptographic keys, access Windows applications like Outlook, Teams and OneDrive, and maintain persistence even after reboots and updates. Microsoft released an emergency patch and published a security advisory detailing the issue.
Cyber insurance claims surge amid record payouts
Databarracks’ 2025 Data Health Check reveals new trends in resilience, recovery, and risk. UK businesses are getting better at disruption response, but AI-led cyber threats are accelerating. According to the report, this year’s most disruptive development is the rise of AI-enhanced cyber threats. Deepfakes, spoofing and machine-generated attacks are now seen as the greatest IT resilience challenge over the next five years.
59% of UK cyber security leaders suffer burnout amid rising threats
According to the latest State of Cyber Risk and Exposure report from Bitsight, UK cyber security leaders are facing mounting pressures as they work to balance growing risk complexity, increasing board expectations and intensifying compliance requirements.
The study, based on a survey of 1,000 cyber security and risk professionals globally, reveals that while British organisations are leading in some areas of risk monitoring, many still struggle when it comes to converting that data into actionable insight.
Man who ‘hacked’ Scottish computers charged in Switzerland
A man who allegedly hacked computers in Scotland and elsewhere to extort various companies has been charged in Switzerland.
A 51-year-old has been indicted for alleged cybercrime for a total of 10 ransomware attacks between December 2018 and May 2020.
The CyberScotland Bulletin is a monthly roundup of news and updates on cyber security and resilience with a particular focus on Scotland. Feel free to forward it to anyone in your network who might benefit from it.
Please ensure you only take information from trusted sources. The NCSC has a useful glossary of cyber terms you may wish to reference while you read the bulletin.
For more regular updates follow CyberScotland on X or LinkedIn, Instagram, Facebook and BlueSky.