SBRC awarded £500,000 to continue running ‘Exercise in a Box’ for cybersecurity
The Scottish Government has re-awarded Scotland’s national cyber organisation the contract to run the National Cyber Security Centre’s (NCSC) ‘Exercise in a Box’ programme.
The £500,000 grant will enable the Scottish Business Resilience Centre (SBRC) to run online and in-person workshops for public and third sector bodies for the third year running.
Scotland has been subject to a number of disruptive large scale cyberattacks in recent years with developments in Ukraine and the recent Covid lockdown exacerbating the situation.
The training, which has already benefited 450 organisations, includes mock scenarios such as a third-party software compromise, a ransomware attack and a threatened sensitive data leak.
It is hoped more than 250 organisations will benefit from the training programme, which comes ahead of a major summit in Edinburgh as part of European Cyber Security Month in October.
Jude McCorry, chief executive of SBRC, said: “There is no denying that the ongoing pressure facing everyone from a cyber-perspective has increased massively in recent years.
“Just as we see one organisation recover from the grips of a cyber-incident, another is targeted.
“It is also now believed that cyber criminals have targeted more than three-quarters of public sector organisations and, closer to home, we have seen this play out with a number of disruptive large-scale attacks already in Scotland.
“We don’t want to see more Scottish organisations fall victim to these attacks and that is why upskilling and awareness programmes continue to be so vital.”
Justice secretary Keith Brown, who will address the event, says the training is “absolutely crucial”.
He said: “The Scottish Government is committed to ensuring Scotland leads the way in cyber resilience and security.
“This extended training will help many more organisations to stave off the threat of an attack, and protect against disruptive and costly data breaches.
“The workshops provide practical guidance to mitigate or respond to hostile cyber-attacks. I would urge eligible organisations to take up this opportunity to ensure they are protected.”