Cybercrime

– in the Scottish Parliament at on 20 April 2022.

Alert me about debates like this

Photo of Martin Whitfield Martin Whitfield Labour

6. To ask the Scottish Government whether it will provide an update on what measures it is taking in response to the reported growing threat of cybercrime. (S6O-00963)

Photo of Keith Brown Keith Brown Scottish National Party

We continue to work closely with Police Scotland and other cyber Scotland partners, including the National Cyber Security Centre, to protect the public and organisations from cyber threats.

In addition to the on-going activity that I highlighted to the chamber on 26 January, given the current heightened cyber risk, the Scottish Government is working with the National Cyber Security Centre to deliver a national cyber aware campaign that will seek to educate the public on the following two actions that everyone should take to keep themselves secure online.

First, the campaign will underline the point that someone’s email is where they keep their most personal information, including financial information, and everyone should ensure that they have a strong and separate password for their email address. The recommendation is that three random words should be used that cannot easily be guessed.

The second action is to enable two-step verification on people’s accounts so that criminals cannot access them, even if they have people’s passwords.

Further information on those measures and other relevant information is available on the cyberscotland.com portal. Victims of any crimes should phone Police Scotland on 101.

Photo of Martin Whitfield Martin Whitfield Labour

I am very grateful for the cabinet secretary’s response, particularly what he said about the response that individuals should take. Recent years have shown that our cyber infrastructure has been tested by cyberattacks, such as the attack on the Scottish Environment Protection Agency back in 2020. With the war in eastern Europe raging on, will the cabinet secretary say what steps have been taken to audit and improve Scotland’s cybersecurity and to protect the country from the possibility of Russian state-sponsored attacks or attacks from criminal organisations that are based in Russia, which might use the conflict as a reason for attacks? What discussions has the cabinet secretary had with his counterpart in the United Kingdom Government?

Photo of Keith Brown Keith Brown Scottish National Party

As Martin Whitfield would expect, there has been substantial discussion with the UK Government and very good collaboration.

We have invested an additional £1.5 million to set up the centre that I mentioned, and that is on top of the £1.16 million that we will invest in furthering the vision of the strategic framework for a cyber resilient Scotland.

That investment is building on what is being done with the UK Government in collaboration. That work has to be done in collaboration, because many of the powers are reserved, so it makes sense to do that. There is a very effective relationship.

Martin Whitfield mentioned the attack on SEPA. There have also been attacks on public authorities in Ireland. That is a big concern for the Scottish Government, so we are ensuring that our public authorities are as secure as they can be. Much of the Government’s work in that regard is led by the Deputy First Minister. We take the matter extremely seriously, and I assure the member that there is a very effective relationship with the UK Government on the issue.