International Cyberattacks

– in the Scottish Parliament on 5th March 2020.

Alert me about debates like this

Photo of Mary Fee Mary Fee Labour

2. To ask the Scottish Parliamentary Corporate Body what assessment has been made of the level of threat to information technology systems from international cyberattacks. (S5O-04192)

Photo of David Stewart David Stewart Labour

The Scottish Parliamentary Corporate Body fully recognises that the importance of cyberresilience for all organisations has never been greater. Digital technologies are vital to the successful operation of all modern organisations, and the corporate body has put in place a variety of tools, technologies and procedures to protect the Parliament from a successful attack.

The effectiveness of our critical cybersecurity controls is regularly and independently assessed. That has earned the Scottish Parliament a cyber essentials plus certification, which is revalidated annually.

In addition to the technical measures and controls that are in place, the Scottish Parliament is a member of the cybersecurity information sharing partnership and is in regular contact with the national cyber security centre and other bodies that provide advice on the current threat landscape and on cybersecurity best practice.

Photo of Mary Fee Mary Fee Labour

How does the corporate body stay apprised of current cybersecurity developments?

Photo of David Stewart David Stewart Labour

The SPCB does that by working with the NCSC and the Scottish Government. We update our technical safeguards regularly while balancing security with ease of use. As I mentioned, the SPCB has recently undertaken an independent assessment of critical cybersecurity controls, which has led to the award of cyber essentials plus certification once again.