Britain’s most senior cyber security official has urged all organisations to carry out a basic ‘cyber hygiene’ test to reduce the risk of a cyber attack, adding the vast majority of incidents of cyber crime could be prevented by doing so.
Speaking at the CyberScotland Summit in Edinburgh, Lindy Cameron, CEO of the National Cyber Security Centre (NCSC), praised Scotland’s approach to cyber security and cited its existing ecosystem as a key aid in limiting the potential fallout of cyber attacks.
The Summit attracted more than 200 delegates, and is one of the largest gatherings yet in Scotland on the subject of cyber security.
Other key themes discussed during the conference included the need for partnerships and collaboration across sectors; and how to encourage more people to work in cyber security.
The continued skills and gender gap in the Scottish industry was also discussed, with Daniel Sellers, Cyber Resilience Learning and Skills Coordinator at Scottish Government, pointing out diversity is increasing – but only at entry levels of employment.
The Summit follows a recent (ISC)2 Cybersecurity Workforce Study which found women accounted for less than a third of cyber security workers under 30 in the UK, but only 14% of those over 60. This indicates a clear demographic shift which speakers hoped would continue in the future, noting a focus on educating primary school students in cyber could have a long-term effect.
Freha Arshad, Managing Director at Accenture told the event: “Diversity is not just about gender or socioeconomic background; we’re only just getting to grips with neurodiversity. We do a lot of work getting neurodiverse people through the door, but most companies don’t have processes set up to help them once they’re there. We’ve only half solved the problem.”
With speakers from the Federal Bureau of Investigation (FBI), as well as Viljar Lubi, Ambassador of Estonia in the UK, the Summit stressed the importance of collaboration across international borders and the need to ensure people of all backgrounds and abilities have equal access to cyber security information.
MSP Keith Brown, Cabinet Secretary for Justice and Veterans, reminded guests that advice on cyber messaging is available on Lead Scotland’s website in a range of accessible formats and languages including Urdu, Romanian, and – as of yesterday – Ukrainian.
He noted that society’s growing reliance on technology can have devastating consequences in case of a cyber-related crisis, referencing the recent cable failure in Shetland which led to banks closing and people unable to access money to buy food.
Justice Secretary Keith Brown said: “Normally the cable connecting Shetland to the Faroe Islands could have picked up the load, but it was undergoing maintenance at the time. That tends to be the nature of these issues, which is why cyber resilience is so important.
“This is never going away as we rely on technology and there are always going to be criminals trying to profit from that. There will always be cyber threats and the Scottish Government is committed to working together with partners to mitigate these issues.”
Speakers throughout the day underlined the need for trust and transparency in strengthening relationships – across borders and sectors, and even among competing organisations – to ensure a completely cyber resilient Scotland.
Clare El Azebbi, Head of the Cyber Resilience Unit at Scottish Government, pointed to the Scottish Cyber Coordination Centre, founded earlier this year, as an example of the government’s push to support a more digitally safe country. She noted its ultimate vision is to have agencies throughout Scotland and the wider UK work together to rapidly issue intelligence, share early warnings, and help manage incidents at pace.
The Summit was hosted by the CyberScotland Partnership, a collaboration between organisations including Scottish Government, Police Scotland, and the Scottish Business Resilience Centre.
The Partnership today also welcomed the UK Cyber Security Council as its 17th member.