It has been a turbulent month on the cyber security front, and let’s be clear – we can expect to see many more incidents of this scale or larger in the future. Anyone who assumed the recent NHS cyber attack was an isolated incident, restricted to the public sector, would be wrong. So how can we address this collectively and what can Scotland PLC do to make sure we are ready when the next incident happens? Fear as a message just isn’t working – the customary image of shady characters in hoodies hunched over a computer screen is perhaps even having a detrimental effect. The reality is that attacks, and those behind them, are becoming more sophisticated. Wouldn’t it be great if Scotland really seized this opportunity and together we started to accelerate a programme of change, supporting rather than scaring our business community? Everyone has been waiting for a silver bullet. Ironically Wannacry, the name given to this particular ransomeware attack, is it. There is a short window to address this and an even shorter timeframe when people will still be close enough to the recent incident to listen. So how can we shift the collective mindset? Imagine cyber security as the fifth utility, being as confident about it as you do about phone, water, gas or electricity. Suppose your electricity went off tonight or your water was deemed unsafe. You would know who to call to resolve it. If you were you considering buying or renting a business or house, these fundamentals would be a given – so embedded in our planning that we expect to know usage, providers and costs. We expect to see utilities appear transparently in home reports, in sale and rental advertisements. If we don’t like the performance, or things don’t work, we can switch.
We must help all sizes of business to be confident asking the right questions about this, our fifth utility. As our business and everyday lives becomes increasingly digitally reliant, business needs confidence in preparing against future debilitating incidents. Scotland needs a clear vision and leadership in cyber security to transform the business landscape. There has been a huge momentum of activity carried out in light of the recent ransomware and the ambition of the Scottish Cyber Leaders Board is to be commended.
There should be confidence in the resources available, whether for the business community or young people or old. We need accessible facilities such as the proposed cyber hub for Scotland – providing services, research and training, and working directly with the technical community. We need to develop a pride in this technical community of security while nurturing a growing and enviable tech community of new spin outs, innovators and up and comers. Let’s continue Scotland’s proud heritage of foresight, of innovation, of talent and an agility,and growing a business proposition that makes us compelling to investors – and compelling to ourselves. Mandy Haeburn-Little is chief executive of the Scottish Business Resilience Centre and a member of the Scottish Cyber Leaders Board