A security chief has praised Scotland’s work in cyber resilience and revealed the country is often used as a training ground for potential issues.
Ciaran Martin, chief executive of the National Cyber Security Centre (NCSC), was speaking at the CyberUK conference which drew to a close in Glasgow on Thursday.
He discussed the critical infrastructure in place across the UK and the role Scotland played – with devolved powers such as taxation – as well as highlighting their work with public and private sector bodies based north of the border.
Mr Martin said: “What I’m impressed about is the way Scottish society, public and private sector, mobilises itself in the various resilience forms and so forth where you can get most of the people in a room of about this size (around 20 people) that you need to coordinate that sort of resilience plan.
“Frankly, sometimes we try some things out in Scotland because for some work it can be an optimal size of population – big enough but not too big to do that sort of cross-sectoral kind of work.”
The NCSC’s deputy director for digital government, Jon Browning, said on Wednesday more than 600 million websites were checked by security experts last year – up from eight million in 2017.
He noted “almost all UK local authorities” had used the web check service and later confirmed every Scottish local authority was enrolled in it, adding: “Scotland are leading the way in their use of that service”.
At the same conference on Thursday, Theresa May’s de-facto deputy David Lidington announced a new cyber fitness tool for vulnerable local authorities, emergency services and small businesses.
The free tool, known as the Exercise in a Box, will provide users with a range of real-life scenarios based on common cyber threats facing the country.
It marks an attempt to prevent a repeat of disruptive attacks such as WannaCry which hit parts of the NHS – including in Scotland – in May 2017.
The Scottish Government’s Digital Economy Minister Kate Forbes called for more education to achieve her hope for Scotland to be a “vibrant, out-looking digital nation”.
She said: “I’m very mindful as a politician that’s great rhetoric and a great vision but unless we get our cyber resilience right it’s nothing but rhetoric and an empty vision.
“Skills is cited as probably the biggest challenge that the fibre security sector faces.
“If we don’t equip our citizens with a basic understanding of cyber threats and how to navigate them, if we don’t have the skilled individuals coming through our education systems to meet the needs of industry and the needs of government, we cannot hope to make any progress in the way I’ve already set out.
“We’re trying to embed cyber resilience learning in Scotland’s curriculum from the earliest of ages and to try and plug the skills gap by working with, for example, Skills Development Scotland, the SQA and colleges and universities.”