How prepared is your organisation to defend a cyber-attack?

The Scottish Business Resilience Centre have been expertly delivering non-technical, cyber resilience trainings to public, private and third sector organisations for many years and have received a positive response. With more public and third sector organisations coming forward and seeking help and guidance with planning for responses to data breaches, SBRC is calling out to all third and public sector organisations in Scotland to join our free, non-technical Exercise in a Box workshops, and prepare their respective organisations against possible cyber-attacks. 

According to the most recent Cyber Security Breaches Survey conducted by the UK Government, results show that in the last 12 months, 39% of UK businesses identified a cyber-attack, remaining consistent with previous years of the survey. However, it was also noted that enhanced cyber security leads to higher identification of attacks, suggesting that less cyber mature organisations in this space may be underreporting.

Third and Public sector organisations are important in this context for a multitude of reasons. Most notably for how they support the public and the wider society through their hard work and dedication. These sector organisations include charities, social enterprises and voluntary groups, law enforcement, and housing associations, that primarily deliver essential services, support people’s wellbeing, and contribute to economic growth. They provide knowledge and resources to society, aid those in need, create safe spaces, and help communities grow by communicating on a local level.

According to a recent article written by Michael Cameron, Chief Executive of the Scottish Housing Regulator, the housing sector in Scotland is driving forward with digital, but the number of cyberattacks is also on the march. Organisations must make sure there is proper provision for costs associated with cyber security in business plans.

As technology grows, it is difficult to keep up with the evolving processes used for protecting your data. Many know about the simple things like making sure you have a secure password to access your accounts and installing an anti-virus software. This was evident in Charity Digital’s report, as the top answer for ‘which cyber security software was used by their organisation’ was ‘antivirus’. But it’s easy to get lost when trying to implement simple defences like these and lose focus on what you are defending yourself against. With a mix across all organisations on who is responsible for ensuring data, money and integrity of businesses is protected, private, third and public sector organisations look for urgent and crucial support in the field of cyber security. Upon this, the Scottish Business Resilience Centre, in collaboration with the Scottish Government, is currently delivering, a selection of free Exercise in a Box workshops for organisations to attend and educate themselves in the field of cyber security, or to begin their cyber journey and learn about the very basics of securing data online and offline.  
Exercise in a Box is a free, 90 minute non-technical workshop which helps organisations find out how resilient they are to cyber-attacks and practise their response in a safe environment. It is expertly delivered by the Scottish Business Resilience Centre across Scotland (developed by the National Cyber Security Centre) and started its life as a self-use tool to help organisations test and practise their internal response to a plethora of cyber issues.

Currently, SBRC’s Exercise in a Box sessions offer four scenarios, ‘Working from Home’, ‘Digital Supply Chain’, ‘Ransomware’ and ‘Micro Exercises’. These sessions highlight the primary as well as broader cyber security learnings and often dive into the basics of cyber resilience, within a 90-minute session to ensure all organisations, regardless of their sector or level of cyber knowledge, can benefit. Needless to say, advanced topics are also covered during these workshops along with 1-2-1 consultations that are offered as a follow-up to the workshop, should the attendees feel the need to work on a specific topic relevant to their organisation.

Specific topics to be covered include:

• Ensuring password security
• Identifying and reporting phishing emails
• Connecting securely during remote work
• Responding to a ransomware attack

Please feel free to book a space for your organisation and members, for the upcoming sessions here.

For any queries regarding the project delivery, or to set up a private event for your respective organisation, please write to enquiries@sbrcentre.co.uk