The Strategic Framework for a Cyber Resilient Scotland 2025 - 2030

Introduction

Cyber resilience is not just about responding to threats. It’s about building strength, confidence and continuity into every part of an organisation. It is not only about technology, but also about people: their awareness, skills and ability to respond effectively when things go wrong.

By focusing on cyber resilience, we shift from fear to preparedness, from risk to opportunity.

This Strategic Framework for a Cyber Resilient Scotland (2025-2030) (“The Framework”) marks the third phase of our national approach to ensuring Scotland’s cyber resilience. It builds on progress we have made to date, reinforcing Scotland’s strengths while seeking to address both ongoing and emerging challenges in our increasingly digital world.

While the aims of the 2021 Strategic Framework for a Cyber Resilient Scotland remain relevant, the digital landscape has evolved significantly – demanding a refreshed approach. As we embrace new and emerging technologies, government, organisations and the public must be acutely aware of the ever-evolving cyber threats and know how to manage them.

2.1 Who is the Framework for?

The Framework sets the strategic direction for government and national delivery partners and provides guidance for public, private and third sector organisations to strengthen their cyber resilience. A suite of Action Plans will be developed to translate the priorities into tangible actions and these will be reviewed every two years.

The outcomes within the Framework contribute to a number of national outcomes in Scotland’s National Performance Framework (see Annex A).

2.2 How will we monitor and measure impact?

Drawing on global best practice, Scotland will adopt a layered, whole-of-nation approach to cyber resilience. The Scottish Government will regularly review and monitor the Framework and publish updates on progress.

We will work with partners to establish meaningful ways to progress and measure the success of the Framework.

2.3 Getting the most from digital technologies

It is nearly impossible to imagine life without digital technologies. Almost every aspect of our daily lives relies on the internet, data and devices. Much of our national infrastructure, including transport systems, utilities and government services, depends on technology and online connectivity.

Increased access to digital technologies and the internet benefits individuals, families, communities, organisations and businesses. As digital tools become even more critical to Scotland’s economic, social and cultural development, our dependence on them will continue to grow.

Key areas of digital growth in Scotland include:

• Internet access in Scotland. As of 2023, 91% of households in Scotland have internet access, although this ranges from 87% in the most deprived areas to 96% in the least deprived areas, highlighting ongoing digital inclusion challenges. Internet usage among older adults has increased significantly, rising from 29% in 2006 to 77% by 2023.^[2]
• Fast, reliable Broadband. Digital connectivity is a key building block in achieving a greener economy and a more inclusive society. Scottish Government-led programmes have delivered over one million faster broadband connections so far, backed by £1 billion of public investment. Future-proofed, resilient broadband connectivity will be extended further through our regional contracts with Openreach under the Reaching 100% (R100) programme, alongside Scotland’s role in delivering Project Gigabit.
• Digital public services. The Scottish Government is committed to delivering dynamic, integrated digital public services making it easier for all of us to interact with public services more easily and efficiently, for example MyGov Portal and ScotAccount.
• New and emerging technologies. Technologies including Artificial Intelligence (AI), Blockchain, the Internet of Things (IoT), Quantum Computing and Mixed Reality, are transforming service delivery, enhancing education and driving innovation. These technologies are also helping to tackle the threat by detecting cyber risks faster, predicting attacks before they happen and automating responses to reduce disruption.

2.4 The cyber threat landscape

Cyber threats are becoming increasingly complex and aggressive, driven by nation-state activity, AI-enabled cyber crime and ransomware. Supply chain vulnerabilities, data theft and rising regulatory demands will remain persistent risks.

Phishing remains one of the most widespread and disruptive attack methods, targeting individuals to gain access to organisations’ systems. According to the Cyber Breaches Survey 2025, 85% of UK businesses and 86% of charities reported staff encountering fraudulent emails or websites in the previous 12 months.^[3]

Future Trends for Scotland reiterates that cyber attacks on Scotland’s critical infrastructure pose a significant national security risk and that the health sector is particularly prone to cyber attacks due to the amount of personal data held.^[4]

Ransomware remains a major and growing cyber security problem, impacting individuals, businesses and critical public services with financial losses, data theft, service disruption, and potential threats to national security. Its evolving sophistication, adoption of double-extortion tactics, and the rise of Ransomware-as-a-Service (RaaS) have lowered the barrier to entry for cyber criminals, making attacks more frequent, damaging and pervasive across almost all sectors.

2.5 Anticipating cyber risk in the age of emerging technologies

Emerging technologies such as AI, Quantum Computing, Internet of Things (IoT), Data and Robotics are reshaping the digital landscape and transforming service delivery. While these innovations offer significant benefits, they also expand the threat surface, particularly when integrated into critical infrastructure and public services (see Annex B). Threat actors are increasingly leveraging these technologies to deploy sophisticated attacks, requiring our national cyber defence to evolve with agility and foresight.

Addressing these evolving threats amidst rapid technological change and broader societal, economic and geopolitical shifts, demands adaptability, innovation and a coordinated response.

2.6 Cyber crime

There are two main types of cyber crime – cyber-dependent and cyber-enabled.

Cyber-dependent crime involves offences that can only be committed using digital technologies, such as hacking, malware distribution and denial-of-service attacks.

Cyber-enabled crime refers to traditional crimes that are amplified or facilitated by digital technologies. These crimes exist offline but are made scalable or harder to trace online. Examples include fraud, identity theft and child exploitation.^[5]

An estimated 14,120 cyber crimes were recorded by Police Scotland in 2024-25. This is substantially higher than in 2019-20 (7,710).

Source: Scottish Government, Recorded Crime in Scotland