Cyber resilience: public sector action plan 2017-2018

Key actions that the Scottish Government, public bodies and key partners will take to further enhance cyber resilience in Scotland's public sector.

Public Sector Action Plan on Cyber Resilience – Joint Foreword

Digital technology offers huge opportunities for Scotland as a modern, progressive nation.

Whether in the public, private or third sectors, our ability to inform and interact with citizens and consumers is being transformed by the digital world. Scottish public bodies, businesses and charities are developing ambitious plans to embrace these opportunities.

Trust and confidence are fundamental to the success of these plans. As the threat from cyber criminals and other hostile actors in cyberspace grows, we must do all we can to ensure our digital services are as secure as possible, and can recover quickly when cyber-attacks succeed.

The ambition of the Scottish Government and the National Cyber Resilience Leaders' Board is for Scotland to be a world leading nation in cyber resilience.

We start from solid foundations. Scotland's cyber resilience strategy, Safe, Secure and Prosperous, provides an ambitious framework for action. Many organisations in Scotland's public, private and third sectors have already prioritised putting in place sound cyber security measures. But we are realistic about the need for further, concrete actions to help achieve our ambition.

The Programme for Government sets out a commitment to develop a suite of action plans to help move Scotland as a whole towards greater cyber resilience. The overall aim of those action plans will be to develop a culture in which our nation's cyber resilience is, rightly, seen as everyone's business – from the smallest micro business or charity, to the largest, most complex public and private sector organisations.

This Public Sector Action Plan, developed jointly by the Scottish Government and the National Cyber Resilience Leaders' Board, represents an initial, significant step towards establishing that wider culture of cyber resilience in Scotland.

While many Scottish public bodies already have sound standards of cyber security in place, our aim is for the Scottish public sector as a whole to become an exemplar in this field over time.

By undertaking the actions set out in this plan, Scottish public bodies will be committing to implementing a common approach to cyber resilience, offering greater assurance to those who make use of our digital public services.

Further, complementary action plans, developed in partnership with the Scottish private and third sectors, will follow.

We look forward to continuing to work together with partners across Scotland, the UK and internationally to realise our goal of being a world leading nation in cyber resilience.

John Swinney MSP
Deputy First Minister and Cabinet Secretary for Education and Skills

Hugh Aitken
Chair, NCRLB


Back to top