Cyber Security Standard for Scotland developed in Thurso
Published 11 Jul 2019
Thurso-based non-profit organisation Cyber Security Scotland has created a cyber security standard that will be adopted by every public body in Scotland.
Dr Keith Nicholson, founder and Executive Chair of Cyber Security Scotland explains: “We were commissioned by the Scottish Government to develop a framework that combined over a dozen different security standards and guidelines into a single model that public bodies could follow to ensure compliance with standards such as Cyber Essentials, GDPR and ISO27001. This has not been attempted previously and it was a significant and complex task to build the model.”
The Cyber Resilience Framework created by Cyber Security Scotland has been issued to over 120 organisations – feedback has been 100% positive. Comments such as “an impressive piece of work, an example of Scottish innovation” were not unusual such has been the high praise for the framework.
“We’re really pleased with the response” said Dr Nicholson “It took several months of hard work to develop the model, so to receive such acclaim is very rewarding.” The innovative approach taken by Dr Nicholson has been recognised outside Scotland; the model has been positively considered by the UK National Cyber Security Centre and the Scottish Government has received enquiries from as far away as Australia.
This work follows an earlier extensive piece of work by Cyber Security Scotland to create a standardised cyber security policy and guidance for every health board in Scotland.
“We have more work to do” explained Dr Nicholson, “we’re working with local firm Navertech to develop a self-assessment tool for public bodies to evaluate their cyber security status and creating a uniform auditing procedure. Once this programme of work is completed, Cyber Security Scotland will have developed standards and cyber security models for every public body in Scotland, something that gives us great pride and satisfaction.”