We need your support to keep TheyWorkForYou running and make sure people across the UK can continue to hold their elected representatives to account.

Donate to our crowdfunder

Cyberattacks (Protection)

– in the Scottish Parliament on 22nd November 2018.

Alert me about debates like this

Photo of Ross Greer Ross Greer Green

4. To ask the Scottish Parliamentary Corporate Body what measures it takes to protect the Parliament from cyberattacks. (S5O-02607)

Photo of Kezia Dugdale Kezia Dugdale Labour

The Scottish Parliamentary Corporate Body fully recognises that the importance of cyberresilience for all organisations has never been greater. Digital technologies are vital to the successful operation of all modern organisations, and the SPCB has put in place a variety of tools, technologies and procedures to protect the Parliament from a successful attack. Our critical cybersecurity controls have recently undergone an independent assessment of their effectiveness, which has led to the Parliament being awarded cyber essentials plus certification.

In addition to the technical measures and controls that have been put in place, an on-going campaign to raise awareness of cybersecurity issues will help to ensure that all network users are mindful of how they can contribute to defending our Parliament from cyberattacks.

Photo of Ross Greer Ross Greer Green

The corporate body will be aware of the Russian ambassador’s upcoming visit to the Scottish Parliament. Given that Russia is a hostile state that has not only killed citizens on United Kingdom soil but engaged in extensive cyberattacks against political parties, Governments and other institutions across the world, could the corporate body provide further detail on the specific measures and assessments that have been undertaken in advance of the ambassador’s visit?

Photo of Kezia Dugdale Kezia Dugdale Labour

Just this morning, the Scottish Parliamentary Corporate Body received a briefing from the national cyber security centre. We will use the information that we receive on threats and vulnerabilities to ensure that our cyber defences evolve to best manage the risks that we face, wherever—I emphasise this point—they come from. We have not taken action this morning in response to any specific attack from Russia; we received the briefing to ensure that the procedures that we have in place are as up to date and as well resourced as they possibly can be. I hope that that offers Ross Greer the reassurance that he is looking for.