Cyber resilience economic opportunity: key actions 2018-2021

The Cyber Resilience Economic Opportunity action plan sets out the key practical steps we and our partners will take to grow Scotland’s cyber security industry.


2 Key Actions

These are the key actions that the Scottish Government and its partners will take in support of the plan's objectives, through to 2021:

Action A1:

The Scottish Government, through an ongoing commitment to all five cyber action plans[3], will continue to clearly state and demonstrate its ambition to make Scotland a world-leading nation in cyber resilience, sending strong long-term demand signals to the supply side that they can be confident in their own expansion. The Scottish Government will play a key role in proactively engaging in, and influencing policy development at Scottish, UK and EU levels to ensure there is an effective voice representing Scottish cyber security companies and interests. This includes engaging with the UK Government as it develops a royal charter body to support professionalisation and collaboration across the UK. This activity will be ongoing.

Action A2:

The Scottish Government will work in partnership with Scottish Enterprise, Highlands and Islands Enterprise and other key partners to encourage the ongoing development of innovative solutions to public and private sector challenges relating to cyber resilience. This will include launching calls to industry through mechanisms such Civtech, CAN DO, or Open Innovation Challenges. The first challenge will be launched in 2018.

Action A3:

The Scottish Government will work in partnership with Scotland's academic institutions to encourage growth in world-leading research, innovation and skills to stimulate market needs and create economic impact. This activity will be ongoing.

Action A4:

On an ongoing basis, the Scottish Government will support opportunities for industry and academic experts to contribute to future cyber resilience policy development and thought-leadership at the Scottish, UK and EU levels. In the immediate term, the Scottish Government will commission the collaboration of universities who make up the Scottish Informatics and Computer Science Alliance (SICSA) Cyber Nexus to work with industry and other partners to produce a research piece into the concept of digital communications infrastructure in Scotland as a "fifth utility". This will consider the current and expected future "state of the art", and the extent to which Scotland could achieve a competitive advantage by driving forward change in this area using existing or new powers. The findings of this research, to be delivered by summer 2019, will help inform wider policy development in respect of "secure by design". This activity will be ongoing.

Action B1:

Scotland has a growing capability and global visibility in cyber security research, innovation and skills benefiting the sector. The Scottish Government and the collaborative of universities who make up the SICSA will build on the current government-funded SICSA programme of work to support academic institutions to expand this research. This work will aim to be of sufficient scale to attract and retain at least one globally renowned academic, provide for long-term facilities, and nurture junior research talent. It will also explore new ways of working that could better support the integration of academic ideas and expertise with the medium–to-long-term needs of industry. This action will be ongoing.

Action B2:

The Scottish Government will continue to work with the Scottish Funding Council to strengthen the requirements for cyber security research to be included within our university and college outcome agreements. This action will be ongoing.

Action B3:

The Scottish Government and its enterprise and skills agencies will continue to clearly state their support for the creation of a cyber-focused Centre for Doctoral Training in Scotland, and will work with SICSA, universities and industry to explore practical routes that all sectors could use to engage with, or support such a programme – for example through the provision of data. This action will be ongoing.

Action C1:

Scottish Enterprise will work with the Scottish Government and other key partners to establish a cluster management function for cyber within an accredited Cluster Management Organisation (CMO), with enough resource, capacity and capability to match the ambition of developing a globally relevant cyber security cyber security cluster. This will include steps to help the CMO achieve EU accreditation standards to agreed levels within a realistic timeframe. The CMO will be expected to participate in appropriate national advisory forums, work closely with partners to determine how best Scotland can benefit from UK wide industry initiatives emanating from the UK Government and NCSC, and encourage the development of networks, coherence and partnership working, particularly with other aligned clusters such as Fintech. The CMO will initially be established by autumn 2018.

Action D1:

The CMO, Scotland's enterprise agencies, and the Scottish Government will work together to develop a comprehensive shared understanding of Scotland's cyber security landscape. This will include identifying our strengths (in both a UK and global context), mapping out the current picture in terms of the various hubs and centres of expertise that exist across Scotland, and understanding the effectiveness of existing models and mechanisms for innovation, support and coordination of activity. This first phase of activity will be completed by summer 2019. We expect this action to raise to the surface any need for additional support mechanisms that could help to rapidly accelerate growth in the cluster, and further specific actions may flow from this as a result.

Action D2:

The Scottish Government and Scotland's enterprise agencies will work with supporting institutions and innovation centres (such as CivTech, CENSIS and The Data Lab) to ensure cyber security is embedded into any centrally-funded technology innovation activity. This includes ensuring that the outputs of publicly-funded innovation projects are developed with adequate, proportionate levels of cyber security in mind, and that innovation centres are equipped to advise or signpost on such issues. This will be in place by autumn 2019.

Action E1:

The CMO will work with industry, universities and other key partners such as the Scottish National Investment Bank to maximise the impact of existing investment platforms, to support Scottish cyber security entrepreneurs in getting exposure to potential investors, and to support potential investors to make more informed decisions. This action will be ongoing.

Action E2:

The CMO will work closely with Scotland's enterprise agencies, in particular Scottish Development International, to attract direct foreign investment and increase exports in the area of cyber security. This will include developing a strong international proposition. To ensure maximum impact, the CMO and enterprise agencies will work with the UK Government's Department of International Trade to identify collaborative opportunities. This action will be ongoing, with the first phase – developing a proposition – completed by summer 2019.

Action E3:

The CMO, the Scottish Government and Scotland's enterprise agencies will work together with other key partners to maximise engagement, increase impact, and amplify messages across our international networks (such as trade ambassadors, global scots, and other in-market actors and connections). This activity will be ongoing.

Contact

Email: Clare.ElAzebbi@gov.scot

Back to top