Cyber testing programme updated after surge in ransomware attacks
A national body for cyber security has updated its online tool for testing business resilience following several high-profile ransomware attacks on both public and private sector organisations in the UK earlier this year.
The Scottish Business Resilience Centre (SBRC) has made ‘significant’ changes to its facilitation of the National Cyber Security Centre’s ‘exercise in a box’ programme after ransomware infections ‘hit the headlines’ in January, including the devastating attack on the Scottish Environment Protection Agency (SEPA).
The SBRC’s service sees free workshops delivered to businesses focused on cyber resilience, allowing them to explore various scenarios to test their response in a safe environment, ‘without worrying about repercussions’.
To improve the workshops, which have been running with businesses across Scotland since the end of 2020, the SBRC have launched the ‘phishing attack that leads to a ransomware infection’ scenario. This joins the ‘working from home’ scenario.
‘Phishing’ is a type of online scam where criminals impersonate legitimate organisations via email, text message, advertisement or other means in order to steal sensitive information.
As part of the new scenario, workshops will explore how an organisation would experience a phishing attack that leads to a ransomware infection, without any risks or repercussions.
It will also test how users can detect and respond to phishing attacks, as well as what security controls are implemented to limit the impact of ransomware infections when they do occur.
SBRC’s cyber team are running the 90-minute sessions virtually with support from the Scottish Government and input from Police Scotland and other stakeholders.
Participants will gain a range of skills, allowing them to continue refining their cyber resilience policies in their own time.
Jude McCorry, chief executive of SBRC, said: “The extension of the scenarios explored within our workshops provide businesses with more opportunity than ever to extend their cyber resilience. While news around ransomware infections has increased recently, businesses must feel reassured that these types of attacks are by no means the most popular type of cyber-attack. However, as part of increasing the resilience of a business, organisations must be informed and prepared for any eventuality.
“The exercise in a box workshops have so far received extremely positive feedback from attendees. The specificity of the scenarios which are explored provides attendees with the opportunity not only to see how they might respond to such a situation but also hear how others might, which opens their mind to new approaches and processes. Given that businesses continue to face a bumpy road to recovery, I encourage all to attend this free programme to ensure that cyber resilience is one area of the business owners don’t need to be concerned about.”
Workshops specific to the ransomware scenario are taking place on the following dates:
- Tuesday 28 April
- Wednesday 29 April
- Tuesday 4 May
- Tuesday 11 May
- Wednesday 12 May
McCorry said: “There are many ways including ransomware by which a business can experience a cyber security incident, with varying levels of complexity and disruption. Cyber incidents can occur through deliberate targeting or even human error, but the end result is the same: a disruptive effect on business operations. At SBRC we are working in partnership with Police Scotland and Scottish government running the UK’s first collaborative cyber incident response helpline for organisations in Scotland. If you think that you are a victim of a cyber attack your first calls should be to Police Scotland on 101 to report the crime (whilst respecting your IT systems as a crime scene) and our incident response helpline on 01786 437472, we will assist you with immediate support and expert guidance, and ensure you are speaking to the correct agencies and organisations to help you feel supported and get you back in operation securely. We would also urge organisations to look at actively protecting and protecting their organisations against cyber incidents and look at areas like Exercising, Cyber Essentials, and also vulnerability testing of their organisations.”
Further information on exercise in a box workshops – delivered via Microsoft Teams or Zoom – are available on the SBRC website here. The new CyberScotland.com website was also recently launched as a hub for information on cyber in Scotland.
The SBCR exists to create a secure environment where businesses can trade securely, regardless of size and sector.
Picture: Thitichaya Yajampa / Shutterstock
Why innovation and marketing are the perfect partners to make changes that matter￼
With the rapid evolution of traditional marketing and the appearance of digital marketing, technology and innovation has become part of any marketer’s life without the need of working for a…
Transitioning to a four-day week – CEO’s vow to strike a healthier balance in the workplace
I came to Scotland nearly 20 years ago from Ireland, with no contacts but a lot of determination. While Ireland will always be my home, Scotland has given me amazing…
Women Lead: The female-led company championing intuitive working
Over the last two years, the pandemic forced a shift to more remote and flexible working practices. Whilst we might be seeing a “return to normal”, some companies are choosing…
Women Lead: My passion for young people to consider a career in digital
Twenty years ago, I stumbled across my career in digital marketing almost by accident. It was during my honours degree in marketing at Glasgow Caledonian University. I was on work…
Women Lead: Inclusive Silicon Valley cohort gives hope to entrepreneurs from diverse backgrounds
Things are happening on the Scottish tech scene. Big and small initiatives are creating a fantastic ripple effect on the sector, bottom up and top down, thanks to the recommendations…
Women Lead: The story of an entrepreneurial scientist
I first arrived in Scotland over 20 years ago. I had £75 in my wallet and a scholarship offer to do a PhD at the University of Edinburgh. Sometimes I…
Please mind the gap… or healthcare may fall
Imagine sharing a lengthy train journey with others. From beginning to end, imagine how often you might hear ‘mind the gap’ messages about embarking and disembarking safely. Picture how navigating…
Women Lead: My journey from Dragons’ Den to Silicon Valley
Following her appearance on Dragons’ Den, Sheila Hogan, serial entrepreneur, founder and chief executive of digital legacy vault, Biscuit Tin, shares her experience of her time in the Den and…