Hamilton Forth’s Alistair Shaw and Rachel Sim had the pleasure of attending the Scotland IS State of the Nation Breakfast Briefing in partnership with Cisco last week at the Grand Hotel, Glasgow. It was a novelty to meet in person and network face-to-face, where speakers from Cisco and The Scottish Government shared their thoughts on the changing cyber landscape. Hamilton Forth’s Rachel Sim shares highlights from the event.
The morning started off with Cisco’s Colin McMillan discussing the current cyber threat landscape, including insights of the war in Ukraine. With cyber-attacks advancing and become more business and life threatening, it is essential that organisations review their current risk mitigation strategies. These recent events have been a reminder of the importance of online protection and how volatile organisations can be. As pressure mounts, cyber professionals are becoming overworked and unable to deal with the pace of change and advancement. A timely reminder to consider the stresses any cyber team faces. Developing your cyber team through investment, upskilling and training will be essential to ensuring organisations are protected.
Cisco’s Mark Jackson followed, sharing the effects of cyber security on the supply chain. Each and every organisations’ supply chain is made up of a vast range of suppliers; whether this be the IT businesses who provide software or the caterers who provide for events. While organisations can put in place internal cyber security measures to protect their customers, how can they be sure that the suppliers who support the organisation are doing the same? By putting in place more stringent legislation which holds organisations accountable, organisations can trust that everyone is maintaining the same high standards of security. Transparency will be key to ensuring organisations and their customers are protected.
This led to Mark introducing us to “SBOM”. The acronym for software bill of materials; “a machine-readable list of metadata describing the components from which software is built”. Cisco have committed to providing organisations with SBOMs upon the purchase of software, this is likely to be put in place by the beginning of 2023.
Keith McDevitt finished the morning’s talks with a discussion on cyber policy and strategies.
At Hamilton Forth, we work with several public sector clients, and could empathise with the challenges that cyber security faces in the public sector, having witnessed the same in public sector recruitment. With resources in the public sector often less than private sector, organisations are having to tackle the same issues but with less investment, headcount and tools. In private sector, the war for talent is as competitive, with organisations competing to offer top salaries and additional benefits to attract market leading talent. Keith discussed how one solution to the public sectors’ challenges could be the transition to a more collaborative approach to cyber security.
Similarly SMEs account for 99.3% of all private Scottish business, yet individually their resources are often limited. With a lack of resource and understanding, SMEs often ignore cyber security in hopes that they are too small to be a target, rather than prioritising putting in place essential preventative measures. Those that do strive to put cyber security measures in place often struggle to know where or how to start. However, with policies being put in place which will make it essential for all organisations to have security measures in place, SMEs will have no choice but to act.
Fortunately, a partnership between several public sector bodies such as Scotland IS, Education Scotland, Young Scot, National Cyber Security Centre and Police Scotland is being established. The Cyber Security Partnership will act as the central point for advice on cyber threats, security strategies and implementation. This platform will act as the central point for SMEs and public sector organisations to access support and guidance.
At the end of the talks, networking sparked conversations around encouraging young people and women into tech, upskilling from different industries and how language and communication can impact people’s perception of a career in cyber; all of which we will be discussing in the coming months.
To find out about future Scotland IS events, visit their website.
For a discussion around cyber talent, please contact [email protected].