News

Cyber resilience starts with you

CyberScotland Partnership (CSP) is encouraging organisations across Scotland to strengthen their cyber resilience by focusing on one of the most important defences of all – their people.

This second organisation and business asset pack focuses on raising cyber awareness among all staff, regardless of role or technical knowledge. Cyber security is no longer just an IT issue. Every employee, every device and every action plays a part in keeping organisations and people safe and secure online.

Cyber resilience starts with you.

Stay alert. Stay secure.

Regular reminders help keep cyber security front of mind and support a strong security culture across your organisation.

Cyber resilience is a shared responsibility

Every employee. Every device. Every day.
Be smart. Stay safe.

Cyber criminals often look for the easiest route into an organisation. That route is frequently through people rather than technology. From opening emails to using shared devices, everyday actions can either reduce risk or create vulnerabilities. Simple awareness can make a significant difference.

It starts with you.
Online security is a team effort.

Cyber resilience depends on everyone playing their part. When staff understand common risks and know how to respond, organisations are better prepared to prevent incidents and recover quickly if something goes wrong. Creating an open culture where staff feel confident reporting concerns is key.

Not sure?
Ask before you click the link.

Phishing emails, messages and fake websites continue to be one of the most common threats facing organisations. If something looks unusual, unexpected, urgent or makes you feel a strong emotion it’s always safer to pause and ask. Checking first can prevent data loss, financial fraud and wider disruption.

Secure your devices.
Stop threats before they start.

Work devices – including laptops, tablets and smartphones – should be protected with updates, security software and screen locks. Staff should understand the importance of keeping devices secure, especially when working remotely or using public networks.

Strong passwords. Strong protection.
Don’t share. Don’t reuse.

Passwords are often the first line of defence. Using strong, unique passwords with three random words for work accounts and enabling multi-factor authentication where available helps protect systems and sensitive information. Passwords should never be shared, even with colleagues.

Being cyber aware needs to become second nature.  Short reminders, regular updates and simple guidance help reinforce good habits and reduce the likelihood of successful cyber-attacks. By using this asset pack throughout the year, organisations can support staff to stay alert and confident online.

Additional Resources / For Further Reading: 

The following websites include additional advice and links to other trusted resources where you can find out more:

Police Scotland – Business Email Compromise (BEC) 
https://www.scotland.police.uk/advice-and-information/internet-safety/cybercrime/#business%20email%20compromise  

UK Government 

https://www.gov.uk/government/collections/cyber-security-guidance-for-business

National Cyber Security Centre (NCSC) – advice for organisations of all sizes 

https://www.ncsc.gov.uk/section/advice-guidance/small-medium-sized-organisations

https://www.ncsc.gov.uk/section/advice-guidance/large-organisations

https://www.ncsc.gov.uk/section/advice-guidance/self-employed-sole-traders

Trading Standards Scotland  

https://www.tsscot.co.uk/business-scams/

Cyber and Fraud Centre Scotland

https://cyberfraudcentre.com/prevent/cyber-services/cyber-mot

https://cyberfraudcentre.com/prevent/cyber-services/network-and-web-app-vulnerability-assessments

https://cyberfraudcentre.com/prevent/cyber-services/phishing-resilience-exercise 

British Business Bank 

https://www.british-business-bank.co.uk/business-guidance/guidance-articles/business-essentials/a-guide-to-protecting-your-smaller-business-from-cyber-attacks