uptake of a number of technologies across the public sector and beyond which mitigate the likelihood of this data being useful to a future hacker. Users will always lose their credentials, there is very little organisations can do about that, but there are a multitude of tools available to help minimise the impact.

“The biggest single improvement organisations can make to their authentication process is to implement multi-factor authentication. Password managers are also a useful tool to enable users to have a unique password for every account they own, minimising the impact of stolen credentials.”

Whilst it did not feature among the largest number of leaked credentials, the Scottish Government has a national responsibility for setting cyber policy and standards, which have recently been updated in a new “strategic framework for a cyber resilient Scotland”, and it also recently played a role in establishing the CyberScotland Partnership.

A Scottish Government spokesperson said: “The Scottish Government provides its users with extensive guidance on password management including not reusing their password on any other systems.

“We follow best practice from the NCSC to ensure our password policies are both robust and secure. We have an education and awareness programme in place that educates our users on good cyber behaviours.

“The Scottish Government’s accounts and infrastructure are monitored by its cybersecurity operations centre which has robust monitoring and investigatory processes in place.

“We have a layered approach to cybersecurity and have in place strong cyber defence measures against the cyber threat, including multi-factor authentication, thus the presence of email addresses or user credentials on their own on the dark web are not sufficient indicators of threat or compromise.

“Also, email addresses for a citizen-centric public sector organisation will almost always be public and are included on almost all correspondence and communication – including Freedom of Information requests which are widely published on internet sites.”

The rise of ransomware and what to do

It’s no longer just the responsibility of organisations’ IT departments to keep business systems safe


The Scottish Business Resilience Centre (SBRC) recently surveyed more than 250 businesses in Scotland about their cyber preparedness and learned that more than a third (38 per cent) don’t feel prepared for a cyber attack. It’s a worrying trend, especially given that the Sophos State of Ransomware 2021 report found that 35 per cent of British businesses were hit by ransomware attacks in the past year.

A ransomware attack works by cyber criminals encrypting an organisation’s files and holding data hostage until a ransom is paid. These fees can be extortionate and not every business will be able to pay: DarkSide, one of the more prolific ransomware gangs, has made at least $90m (£63.4m) since August 2020 in ransom payments from fewer than 50 victims.

But even for those who can afford to pay, there’s no guarantee they will get all their data back in a timely manner. In fact, separate research by Sophos found that companies are only able to restore an average of 65 per cent of their data even after paying a ransom.

Given these odds, it’s clear that businesses should focus their efforts and finances on improving their cybersecurity defences in the first place and thereby limit the fallout of an attack, rather than assuming they’ll be able to pay a ransom and move on.

Jude McCorry says everyone needs to know the basics of cybersecurity

The most basic thing that an organisation can do to mitigate this is to check that systems including firewalls and anti-virus programmes are up to date. Regular backups are vital, too: organisations are more likely to get their data back by relying on a recent copy than paying ransom.

It’s also important to make sure employees understand that cybersecurity isn’t just the responsibility of the IT department: everyone needs to know at least the basics of cybersecurity, such as not opening attachments or clicking links they weren’t expecting. A strong cybersecurity strategy goes beyond this, to include role-playing and scenario-planning that involves a broad range of people in the company to ensure preparedness.

Another consideration as part of a strong cyber strategy is around accreditations, particularly Cyber Essentials. This is a government-backed scheme which can prevent or limit the fallout from up to 80 per cent of common cyber attacks, including ransomware.

Only 42 per cent of the businesses we surveyed held the Cyber Essentials certificate – but it’s a simple way for business owners to become more aware of their cyber processes, and could mean the difference between surviving an attack or losing all their systems and data.

Regardless of the precautions taken, it’s still possible that a business will fall victim to a cyber attack. For those that do, there is support out there, including the SBRC’s Cyber Incident Response Helpline. The sooner you get help after an incident has occurred, the greater the chances of recovery.

Jude McCorry is chief executive of the Scottish Business Resilience Centre

SBRC Cyber Incident Response Helpline: 01786 437 472

