CyberScotland Bulletin

CATEGORIES

The CyberScotland Bulletin is designed to provide you with information about the latest threats, scams, news and updates covering cyber security and cyber resilience topics. We hope you continue to benefit from this resource and we ask that you circulate this information to your networks, adapting where you see fit. Please ensure you only take information from trusted sources.

If there are any cyber-related terms you do not understand, you can look them up in the NCSC Glossary.

Please subscribe to our CyberScotland mailing list to be notified by email when a new bulletin is published.

Keep up to date on social media, follow us on Twitter and LinkedIn.

New guidance to help small organisations use online services more securely

The NCSC have launched a new online services guidance tailored for small organisations. This is specifically written for small and medium sized enterprises (SMEs), who may be overwhelmed by the NCSC’s existing cloud security guidance (which is aimed squarely at IT professionals and contains a lot more technical details). The new guidance will help SMEs use online services more securely, so that they’re less likely to be the victim of a cyber attack.

Read more about it here

NCSC launch Cyber League

Cyber League is a new NCSC initiative which brings together a trusted community of NCSC and industry cyber experts to work on the biggest cyber threats facing the UK. This is part of the NCSC mission to make the UK the safest place to live and work online.

Members of Cyber League are a diverse group of industry experts, working with NCSC analysts and each other, to bring their unique knowledge and understanding to the threat picture. They take part in a range of engagements, including analytic workshops and discussion groups.

Read more about it here

UK’s cultural institutions gather for summit on the cyber threat

Organisations across the UK’s culture sectors have been coached on how to reduce the risk of falling victim to cyber criminals.

Earlier this month, the NCSC and the Department for Culture, Media and Sport (DCMS) met with representatives from the UK cultural sector to discuss what can be done to protect institutions’ digital collections.

Online collections, which pool millions of digital records, enable cultural institutions to increase accessibility of their materials and hold unique social and cultural value to the wider public. In 2020 alone, the creative industries brought £103.8 billion to the UK economy. This makes the cultural sector an attractive target to opportunistic threat actors.

Read more about it here

The startups on a mission to make the UK the safest place to live and work online

As the innovation partner to the NCSC, Plexal are pleased to have welcomed a new intake of cyber companies to the NCSC For Startups programme.

NCSC For Startups is a unique initiative that offers startups insights and guidance from NCSC experts, enabling them to develop, adapt or pilot technology to meet the biggest cyber security challenges facing the UK such as protecting SMEs and citizens and reducing the risks involved in remote working. 

Over the course of 12 weeks, six startups will receive technical expertise, insights and guidance from the NCSC, Plexal and partners including Deloitte, CyNam, Hub 8 and QA.

Read more about it here

Ransomware reached record breaking levels in 2023

Examining the ransomware landscape over the last twelve months, a new report by Cyberint has shed light on its evolution, impact, and noteworthy trends.

The report states that 2023 was the biggest year for ransomware groups in history, witnessing a staggering surge of 55.5% in the number of victims compared to the preceding year. The report discloses that a total of 4,368 victims fell prey to ransomware attacks during this period, signifying a notable escalation from the figures recorded in 2022.

Read more about it here

New report reveals staggering number of email security incidents

Cyber security company Egress has published it’s second ‘Email Security Risk Report’ revealing that 94% of global organisations experienced email security incidents in the past 12 months.

This upward trend is mirrored in the negative impact of phishing attacks, affecting 96% of organisations enduring operational disruption as a result of an email security incident, up from 86% in the prior year. 

The report sheds light on the evolving risks, impact of incidents, and cybersecurity leaders’ concerns about traditional approaches to email security.

Read more about it here

New SC3 Reports posted daily and weekly

Keep up-to-date on all the latest cyber threats with the daily threat and weekly vulnerability reports from the Scottish Cyber Coordination Centre (SC3) provided in collaboration with CyberScotland.

The Daily Threat Report provides a daily breakdown of various cyber threats and the Weekly Vulnerability Reports summarise the known software vulnerabilities published in the previous week.

To subscribe to the reports and stay up-to-date visit the official page where the reports are also posted: SC3 Threat Reports

IoT cyber challenge: IoT Secure

IoTSecure is CENSIS’s support service which offers 1-2-1 support to SMEs to help companies design, develop, or manufacture cyber-secure IoT products or services. Advice is also available to non-technology organisations and companies interested in adopting IoT in the workplace.

The scheme closes in spring 2024 and they have just a handful of opportunities left to support businesses. Reach out to CENSIS for 1-2-1 advice to address your IoT cyber challenge, whatever that might be, including:

• Advice on best practice in IoT product design
• Information about new legislation (the Product Security and Telecommunications Infrastructure Act 2022 comes into force in April)
• Reviews for new products or services, including suggestions from CENSIS for adaptations or improvements

For more information click here

Cyber Workforce Webinar

Showcase member ISC2 and the UK Cyber Security Council invite you to a conversation between ISC2 CEO Clar Rosso and the Council’s Chair of the Board Dr Claudia Natanson MBE.

Both leaders will be discussing the recent Cyber Workforce Study from ISC2 where a record 14,865 cybersecurity professionals share their unique perspectives on the state of the workforce. The study offers insight into in-demand skills, evolving career pathways, the impact of AI and more.

Date: 23 January – 12:00-13:00

Find out more and register here

FutureScot Cyber Security 2024

Futurescot’s annual Cyber Security conference is Scotland’s exclusive platform for public sector professionals, this event stands unparalleled in its commitment to fortifying the nation’s critical digital infrastructure.

The conference offers a rare opportunity to dive deep into cutting-edge cyber protection strategies, learning directly from the masters of the field. Participate in thought-provoking leadership sessions, masterclasses, and discussions that blend global thought leadership with practical, industry-leading best practices.

Date and time: 27 February, 08:30 – 16:30

Venue: University of Strathclyde, Technology and Innovation Centre Glasgow

Find out more information here

CyberScotland Week events

Make sure to check out the official CyberScotland Week page for regularly updated cyber-related events coming up soon.