The Scottish Government has announced the creation of a new Scottish Cyber Co-ordination Centre (SC3).
It said the central co-ordination body – backed by an investment of £1.5 million – will have an initial focus on protecting the public sector and strengthen Scotland’s resilience to withstand high level cyber threats.
The move is part of the Scottish Government’s Covid Recovery Strategy, which includes a commitment to setting up an authoritative and collaborative body to combat the accelerating threat of cyber attack.
SC3 will pool expertise from a number of organisations to share intelligence, provide early warnings of threats and attacks manage incidents and lead recovery.
These include the UK National Cyber Security Centre, Scottish Government, Police Scotland, NHS National Services Scotland, the Digital Office Scottish Local Government and HEFESTIS (the shared services organisation for higher education). It will also work closely with the cyber security industry.
Early priorities
Initially SC3 will have a primary focus on the public sector, and in its first year will look at: how Scotland can manage threats and vulnerabilities at scale; how to build the cyber security capabilities of the public sector; and how responses to incidents can be more rapidly identified, managed and investigated.
It will be formally launched later this year, recruitment for a head of the centre is now underway, and it is expected that there will be nine dedicated members of staff recruited during year one. At first they will be located within the Scottish Government.
Deputy First Minister John Swinney (pictured) said: “At times of heightened international tension, it is more important than ever to ensure that Scotland is ready to defend itself against cyber attacks.
“Sustaining and increasing Scotland’s cyber resilience requires us to continue harnessing the power of working in partnership and stepping it up at all levels.
“Establishing a new dedicated cyber co-ordination centre is a bold and ambitious development for Scotland.
“By providing a central co-ordination function that pools expertise from across a number of existing or developing centres of excellence, we can maximise our ability to work together to address cyber threats and attacks – whether that is sharing intelligence, providing early warnings, managing incidents or leading recovery.