We look to the days before CyberScotland; where the idea came from, who was involved in the early stages, and why the idea resonated so much. Following that the discussion focuses on who is involved now and what is involved in the CyberScotland portal. There may even be a small mention of the Digi Ken tv ad campaign and its infamous socks!

Our guest for this show is Keith McDevitt, Cyber Integrator at the Scottish Government. Keith was instrumental in getting CyberScotland off the ground and is instrumental in its journey to be a go-to destination for assisting with cyber in Scotland.

Our host is Kirstie Steele. She’s the CyberScotland Community Lead and is based at the Scottish Business Resilience Centre.

Exercise in a Box is an online tool from the NCSC which helps organisations test and practise their response to a cyber attack. It is completely free and you don’t have to be an expert to use it. Over the past few years, it has made a big difference in introducing organisations to the basics of cyber exercising. By combining threat intel and knowledge of the threat landscape, NCSC has created a tool that allows organisations of all sizes to engage with their cyber security knowledge, and practice responses to some of the biggest threats facing us today. 

In this episode we take a deep dive into Exercise in a Box, tracing its origins with guest speaker Steve O, from NCSC. Steve talks about its core purpose, how it’s grown and plans for its future. Also joining us on this episode is Norman Stevenson from Police Scotland. Norman has joined many sessions and has both partaken as a user and contributed to other groups adding info from a Policing perspective. Finally, to bring it all together we look at what is involved in joining one of the Scottish Business Resilience Centre’s facilitated sessions. 

If you’re not sure what Exercise in a Box is, or how it applies to your organisation, this episode will shed light on all your questions.

Our host for this episode is Jeremy Aylott, Lead Ethical Hacker at the Scottish Business Resilience Centre. Jeremy has been involved with countless Exercise in a Box sessions and has seen its benefits first hand. 

For more info on Exercise in Box follow the links below:
General info: https://www.cyberscotland.com/ncsc/exercise-in-a-box/
Detailed info: https://www.sbrcentre.co.uk/prevent-protect/cyber-services/exercise-in-a-box
Upcoming sessions: https://www.sbrcentre.co.uk/events

CyberScotland Week draws together events across Scotland designed to make businesses, organisations and individuals more cyber aware and resilient.
Whether we’re younger or older. From our home life to our business. Whether you need to protect yourself or your organisation, you need to be cyber aware and resilient in a growing digital world.

The Three Aims of CyberScotland Week:
Protection: Improving cyber resilience knowledge, behaviours, awareness and practice.

Innovation: Showcasing innovative work happening across Scotland’s cyber sector.

Skills and Careers: Promoting skills development and a career in cyber security.

You don’t need to be a cyber security expert to support CyberScotland Week. Host an event for your colleagues, customers, members, network or friends and we’ll find you a speaker and promote your event.

Learn more and see the full list of events here.

The CyberFirst Girls Competition is the NCSC’s flagship cyber security contest for schools, which opens annually to girls in S2 in Scotland. The competition final took place last month, with school girls across the country taking part. 

The finalist worked in teams to crack cyber-related puzzles, with the top-scoring team in each home nation or region crowned the local champion. Thirteen teams around the country claimed victory at the finals with Stirling High School winning in Scotland.  

The competition aims to inspire girls to consider pursuing careers in cyber security. 

The top 3 Scottish schools were: 

• 1st Place – Stirling High School 
• 2nd Place – Hyndland Secondary School
• 3rd Place – Douglas Academy 

The CyberFirst programme offers a range of free opportunities aimed at offering young people the skills, opportunities and exposure they need to thrive in cyber security. 

Kirstie Steele (CyberScotland Community Lead), spoke to Ms McAlpine and the girls from Stirling High School about what it was like taking part in the competition, how they worked together as a team, and what advice they would give to other students who might be interested in taking part. 

• Digital World HQ: https://www.digitalworld.net/cyber-security/learning-opportunities
• CyberFirst Programme: https://www.ncsc.gov.uk/cyberfirst/overview 
• Cyber Skills Live Lessons: https://cyberskillslesson.com/ (including How to Rob a Bank, How to Steal a Pizza)

Our host is Graham Bye, an independent consultant coordinating some of the activities of the CyberScotland Partnership. 

Our guests for this session are Chris Pinder, the Chief Operating Officer at the IASME Consortium, who are responsible for delivering the Cyber Essentials scheme across the UK. 

Also joining us is Robbie Ross, Chief Security Officer at Converged Communications Solutions in Aberdeen who are a licensed Cyber Essentials Certification Body and John Macleod, the Commercial Director at Leask Marine, International Marine Contractors in Orkney who have been through the process of achieving Cyber Essentials certification.  

For more information on Cyber Essentials and resources mentioned during the podcast, follow the links below. 

• https://iasme.co.uk/
• https://iasme.co.uk/cyber-essentials/
• https://getreadyforcyberessentials.iasme.co.uk/
• https://www.ncsc.gov.uk/cyberessentials/overview
• https://www.ncsc.gov.uk/information/exercise-in-a-box
• https://cyberfraudcentre.com/prevent/cyber-services/exercise-in-a-box

What is Cyber Essentials?
Cyber Essentials is an effective, Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber attacks.

Cyber attacks come in many shapes and sizes, but the vast majority are very basic in nature, carried out by relatively unskilled individuals. They’re the digital equivalent of a thief trying your front door to see if it’s unlocked. Our advice is designed to prevent these attacks.

In this episode, Incident Response & Threat Intelligence Manager at the Cyber and Fraud Centre, Mike Smith, speaks to David Brown from NCC Group. David is a Senior CIRT Consultant and discusses the ins and outs of incident response with Mike from a security vendor point of view. 

In partnership with the Scottish Government and Police Scotland, the Cyber and Fraud Centre has launched the UK’s first cyber and fraud incident response helpline for Public, Private and Third-Sector organisations across Scotland to help victims of cybercrime understand what support is immediately available to them and help them recover. Any organisation concerned about their IT security should call the line, and if they think there is criminal activity, please report the crime to Police Scotland by calling 101.

If you are concerned your organisation has been the victim of a cyber or financial fraud attack, please call this free helpline. Their team will provide expert guidance to help you resume operations. Organisations concerned about their security, in general, can also get in touch to confirm they have the right processes in place. The Cyber and Fraud Centre runs the helpline in collaboration with the Scottish Government and Police Scotland. The Cyber and Fraud Centre also works with several trusted external companies nationwide that can help when an onsite expert is needed.

Incident Response Helpline – 0800 1670 623

In this episode the Incident Response & Threat Intelligence Manager at the Cyber and Fraud Centre, Mike Smith, speaks to Lyndsey Jackson, the Deputy Chief Executive from the Edinburgh Festival Fringe. Lyndsey details her experiences with a cyber hack, shares her learnings, and discusses the impact it had on the organisation.

In partnership with the Scottish Government and Police Scotland, the Cyber and Fraud Centre has launched the UK’s first cyber and fraud incident response helpline for the public, private and third-sector organisations across Scotland to help victims of cybercrime understand what support is immediately available to them and help them recover. Any organisation concerned about their IT security should call the line, and if they think there is criminal activity, please report the crime to Police Scotland by calling 101.

If you are concerned your organisation has been the victim of either a cyber or financial fraud attack please call this free helpline. Their team will provide expert guidance to help you resume operations. Organisations who are concerned about their security, in general, can also get in touch to confirm they have the right processes in place. The helpline is run by ourselves in collaboration with the Scottish Government and Police Scotland will also work with several trusted external companies around the country that can help in situations where an onsite expert is needed.

Incident Response Helpline – 0800 1670 623

On this weeks episode we have three of the team members of the Cyber Fraud Centre; Head of Strategy John Callagy hosts Declan Doyle, Head of Professional Services, and Lead Ethical Hacker Jeremy Aylott to discuss the importance of cyber strategy and specifically the Cyber Strategy for Small Organisations guide.

The Cyber Strategy for Small Organisations guide has been designed to assist organisations in practicing and maintaining healthy cyber security. Cyber strategy is how you implement cyber security into the day-to-day running of an organisation. This episode touches on the importance of treating cyber strategy as a priority rather than an afterthought, how organisations can apply cyber strategy and how they can make use of the cyber strategy document to better their cyber security.

The Cyber Strategy for Small Organisations Guide

In this episode Declan Doyle, Head of Professional Service at the Cyber and Fraud Centre, hosts Adam, Heidi, Conor and Stephen, four of the ethical hackers from Abertay University working with the Cyber and Fraud Centre. In the episode they discuss pursuing a career in cyber through their experiences working as ethical hackers and the cyber knowledge that they have built through their work and education.

The Cyber and Fraud Centre work with students enrolled on the Ethical Hacking course at Abertay University, training them in ethical hacking while also giving them corporate experience presenting workshops and events to businesses across the UK.  They have a team of over 25 ethical hackers based at Abertay’s cyberQuarter.

The team of students utilises ethical hacking to identify and mitigate potential vulnerabilities, in a bid to prevent exploitation by malicious hackers. Identifying weaknesses in an enterprise infrastructure is an essential component of combating cybercrime.

Find out more here: Ethical Hacking – Cyber and Fraud Centre

Visit the CyberScotland website here: CyberScotland.com