Four in ten Scots firms 'do not feel prepared for cyber attack'

Nearly four in ten Scottish businesses do not feel prepared for a cyber attack, prompting “cause for concern”, according to the Scottish Business Resilience Centre (SBRC).

The study also revealed that two thirds of those surveyed believe cyber security has become more important for their business over the past year.

The Linlithgow-based organisation said the findings come one year after the National Cyber Security Centre (NCSC) relaunched Cyber Essentials, a government-backed scheme to help organisations become better protected against such attacks, with cyber security specialists IASME Consortium as its partner.

Sign up to our daily newsletter

The i newsletter cut through the noise

The course claims that businesses that become Cyber Essentials-certified can prevent or limit the fallout from up to 80 per cent of common cyber attacks.

The SBRC says the number of cyber attacks have risen in the past year as criminals seek to take advantage of our increased reliance on technology. Picture: contributed.

More than 250 Scottish business-owners, chief executives, and people who work in IT were surveyed in April as part of the SBRC-commissioned research, revealing that about 80 per cent were aware of Cyber Essentials – but only 54 per cent knew the benefits it can bring to an organisation.

The SBRC also said some UK government contracts now require the certification and other organisations may prefer to work with certified companies. “As a result, 37 per cent of businesses whose company is not Cyber Essentials or Cyber Essentials Plus certified believed that they have lost out on business as a result,” it said.

Read More

Read More
How Scottish businesses can prepare for a cyber incident

SBRC chief executive Jude McCorry said: “We’ve seen the number of cyber attacks rise over the past year, and a change in the type of attack as cyber criminals seek to take advantage of our increased reliance on technology while working remotely.

SBRC boss Jude McCorry warns firms that it's not a case of ‘if’ your systems will be attacked, but ‘when’. Picture: Lisa Ferguson.

"It’s not a case of ‘if’ your systems will be attacked, but ‘when’ – so it’s vital that business-owners go on the offensive and prepare themselves, particularly as the majority of attacks are basic in nature and can be prevented. Learning that so many businesses aren’t confident in how they can prevent attacks is cause for concern.

“Cyber Essentials is a simple way for business-owners to become more aware of their cyber processes, and accreditation demonstrates to their customers and suppliers that they take their cyber resilience seriously.”


Ms McCorry, who has more than 20 years’ experience in the technology sector and was previously director of business development at The Data Lab, added: "Improving your cyber defences could mean the difference between your company surviving a cyber attack or losing all your systems and data.”

IASME chief executive Emma Philpott also commented: "We are pleased to be able to work in close partnership with the SBRC and support their activity with spreading awareness of cyber activity throughout Scotland. By offering crucial support and advice to Scottish businesses, they are making the UK a safer place to do business."

SBRC is a non-profit organisation that started out as the Scottish Business Crime Centre in 1996, and was renamed in 2013 to reflect its broader remit. It is funded by a range of private and public partners including the police, Scottish government, Association of Scottish Clearing Banks, the drinks industry, and Scottish Fire and Rescue Service.

A message from the Editor:

Thank you for reading this article. We're more reliant on your support than ever as the shift in consumer habits brought about by coronavirus impacts our advertisers.

If you haven't already, please consider supporting our trusted, fact-checked journalism by taking out a digital subscription.


Want to join the conversation? Please or to comment on this article.