Scotland’s technology ecosystem contributed £4.9bn Gross Value Added (GVA) to the country’s economy in 2019, accounting for 3.5% of total GVA, according to Scottish government data, while Edinburgh is the most active tech community in the UK outside London, with Glasgow not far behind in fourth place. It’s fair to say technology in Scotland underpins all walks of life in both the private and public sector.

In February 2021, the Scottish government published the Cyber Resilient Scotland: strategic framework, outlining the threat cybercrime poses to the fabric of Scottish society. The report states, “public bodies and public services remain at significant risk from cyber threat“.

Cybercrime is a constantly evolving threat

It would be naive to assume that even if an organisation has achieved Cyber Essentials accreditation it is fully protected against cyber criminals. Cybercrime is a constantly evolving threat. According to the Sophos State of Ransomware 2022 report, 59% of central and local governments were targeted by ransomware in 2021. The report also states that overall there was a 78% increase in ransomware attacks over the course of the year, demonstrating that adversaries have become more capable at executing the most significant attacks.

The requirement for more stringent cyber security in the public sector in Scotland came under the spotlight in December 2020 when the Scottish Environmental Protection Agency (SEPA) was targeted by a massive attack. An investigation by Police Scotland concluded it was likely that the attacks were carried out by an international organised crime group. The fact that the attack took place at one minute past midnight on Christmas Eve was no accident.

The gang responsible will have reasoned that SEPA, like most public bodies and most private organisations in the western world, would be short-staffed over the holiday season. Unfortunately, they were right and that meant by the time the attack was detected and response arranged, it was already too late.

According to Audit Scotland in February 2022 the full financial impact of a cyber-attack on SEPA remained unclear nearly 12 months after the attack, as SEPA was still in the process of rebuilding its digital infrastructure.

What is cybersecurity as a service?

Sophos is working with iconic Scottish soft drink brand AG Barr. In recent years, the manufacturing industry became a prevalent target for security attacks due to legacy systems and unpatched applications. The main challenge for AG Barr was access to the skilled resource required to proactively search out security threats across a technology estate of laptops, desktops, servers, mobiles and tablets on a 24/7 basis.

AG Barr became an early adopter of Sophos MDR and has been able to undertake preventative work to increase security and avoid breaches rather than fire-fighting security threats as and when they occur. “Having experts we can trust at the end of the phone, without delay, to help us navigate the constant security threats we face, not only delivers peace of mind but extraordinary value for money. It also saves us the expense of recruiting up to five new employees to take on this work,” notes Paul Ginestri, Information Security Specialist, AG Barr.

Some firms in this emerging cybersecurity space are well-known and trusted names such as Sophos, who currently have over 13,000 organisations consuming their managed services, others are new entrants. There is a huge variance in the cost, level of service and protection available from third party providers which can make choosing a service a daunting task. “When it comes to managed security services, organisations need to do their due diligence,” notes Cuthbertson. “Some providers appear to offer broad coverage, but more often than not, full incident response is missing. They will identify an issue, but then hand over how it’s handled to the customer. You need to be aware of false economies.”

To find out more about Sophos and Cybersecurity as a Service please visit