Safe, secure and prosperous: a cyber resilience strategy for Scotland

Our cyber resilience strategy support the development of a culture of cyber resilience in Scotland.

Annex A

Scotland can be a world leader in cyber resilience and be a nation that can claim, by 2020, to have achieved the following outcomes


  • Our people are informed and prepared to make the most of digital technologies safely
  • Our bsuinesses and organisations recognise the risks in the digital world and are well-prepared to manage them
  • We have confidence in and trust our digital public services
  • We have a growing and renowned cyber resilience research community
  • We have a global reputation for being a secure place to live and learn, and to set up and invest in business
  • We have an innovative cyber security, goods and services industry that can help meet global demand

Priority Actions


  1. Establish a strategic governance group
  2. Incorporate cyber resilience into national and local government policies
  3. Ensure board/executive level commitment to cyber resilience
  4. Develop cyber incident reporting measures and link to wider ICT/digital and business continuity plans
  5. Define the standards of cyber resilience for public sector procurement
  6. Ensure the safety and security of online shared services systems
  7. Embed cyber resilience assessments for new products, services and processes
  8. Consider shared development or procurement of cyber resilient systems


  1. Assess existing awareness campaigns
  2. Develop specific awareness-raising & communication activity for a range of audiences
  3. Establish a cyber resilience network to share evidence of what works
  4. Establish a central gateway for trusted advice and guidance
  5. Assure the public around the use of digital public services
  6. Encourage sharing of information relating to cyber incidents, threats and vulnerabilities
  7. Develop methods on how to measure impact


  1. Map existing cyber resilience skills across learning settings to identify gaps
  2. Explore opportunities to embed cyber resilience into curricula
  3. Introduce cyber resilience into workplace learning and development
  4. Explore ways to embed cyber resilience into teacher training
  5. Grow the number of apprenticeships in cyber security and resilience
  6. Explore ways to develop and retain cyber expertise in Scotland


  1. Establish a sustainable and coherent approach to research
  2. Establish a baseline to identify the economic, societal and individual impacts of cyber crime
  3. Share research to develop our knowledge and understanding
  4. Establish a baseline for current levels of trust and confidence in digital public services
  5. Develop new and innovative ways to help businesses and organisations become cyber resilient
  6. Learn from other nations and information to combat cyber crime


Back to top