Current geopolitical uncertainty and the increased threat from hackers makes this month’s Cyber Scotland Week more pertinent than ever before. Global technology firm CGI is supporting the event with a wide range of initiatives. By Nan Spowart
CYBER Security is always a going concern in the present era but recent events have highlighted that its importance is greater than ever.
That’s one reason global technology company CGI is glad to see the topic being brought into sharp focus by Cyber Scotland Week which begins at the end of this month.
With activities designed for every age and ability, from parents to business leaders, the week aims to show the need for cyber security in almost every sphere.
To coincide with the week, CGI is bringing its Cyber Escape Experience back to Scotland to resume a tour of schools and companies that was interrupted last year by pandemic restrictions.
Senior consultant John Hales, who is based at the company’s Glasgow office, will also talk at the opening event on February 28 about the implications for resilience and privacy posed by the switch to hybrid working.
The current geopolitical uncertainty is an additional risk to cyber security and the UK Government’s National Cyber Security Centre (NCSC) is urging UK organisations to bolster their cyber security resilience in response to the malicious cyber incidents in and around Ukraine.
“If the situation does deteriorate further there is the potential for issues, whether they be intentional or not,” said Richard Holmes, CGI UK’s head of cyber security.
He points out that the threats to businesses from cyber security are increasing as the use of technology becomes more widespread. This is illustrated by the discovery only a couple of months ago of a software vulnerability which affected an estimated 40% of businesses worldwide.
The vulnerability, called LOG4J, was significant because of the proportion of computer systems impacted, as it was within a very common piece of software.
What made it even more of a threat was that it would not have been particularly difficult to take advantage of the vulnerability in order to compromise the affected systems.
Urgent action was required - which meant that while much of the working population was worrying about having to cancel Christmas parties because of the pandemic – companies like CGI were working round the clock to identify clients potentially at risk in order to protect them until software developers could update their products to remove the vulnerability.
“A significant amount of work happened the week before Christmas and then through the festive period as the different software vendors
released patches for their software that mitigated and removed the vulnerability,” explained Mr Holmes.
“Organisations had to take steps to guard against their systems being exploited while they were waiting for the arrival and release of updates. They had to look for bad actors scanning for the vulnerability and looking to exploit it.
“You have to take mitigating steps to protect yourself while waiting for an update, then you do the patching so you are properly protected.”
Mr Holmes explained: “We had to step up our defensive monitoring capability in the short term, then we had to roll out patches as they became available very quickly. I think the whole industry reacted very well but it is a good example of the need to be alert for these sorts of issues.”
As part of the increasing importance of cyber security to all of us, the UK Government has recently published an updated National Cyber Strategy, first launched ten years ago.
“This, coupled with the existing Strategic Framework for a Cyber Resilient Scotland that was published last year, shows the continuing trend in the UK and Scottish Governments to reflect the importance of cyber security as one of the building blocks of a prosperous and stable society,” said Mr Holmes.
“It sees cyber security as a priority not only for Government but for all businesses, especially those that supply essential services.”
CGI’s own clients are aware of the risks and it has become the most frequently identified priority for many of them.
“Every year we interview all our clients in all sectors about their priorities, whether it is business or IT, and for the last few years cyber security has been mentioned more often than any other topic as being a priority,” said Mr Holmes.
“That is for a number of reasons including the well-publicised attacks that disrupt services and the need to make sure data protection and privacy legislation is adhered to.”
Holmes said cyber security would become even more important as ‘Smart Places’ initiatives become more common, which he says are all about making use of – and getting the benefit from – connected devices to provide new and enhanced services for people whether it is local authorities trying to improve refuse collections or traffic management.
“There is a continual drive to making more things connected and they are all drivers for making sure you take cyber security seriously,” he concluded.
-------------------------------------
No escaping online threats in digital age
A FUN way to learn more about cyber security is through CGI UK’s recently launched Cyber Escape Experience constructed with the help of a Scottish business.
This is returning to Scotland to coincide with Cyber Scotland Week, which runs from February 28 until March 5. It will tour the country offering schools and businesses the chance to find out more about the topic in an entertaining way.
The CGI Cyber Escape Experience will visit Glasgow first, then Lanarkshire, Edinburgh and the Scottish Borders – continuing a tour that began in Aberdeenshire in October but was then disrupted by Covid restrictions in Scotland.
Designed with the help of Edinburgh-based Boundless Workshop, it has been constructed within a 40ft shipping container as a mobile escape room with cyber security as its theme.
It has recently been touring south of the Border, and so far the public’s response has been “fantastic” according to CGI’s Richard Holmes.
“We’ve been really delighted with the engagement and positive feedback we have had from schools and companies that have taken part – it’s definitely a fun experience that has helped energise and engage people,” said Mr Holmes.
“It’s great to be able to take it all over the UK, and it is particularly good to get it back to Scotland since it was built in conjunction with an Edinburgh company.”
He pointed out that technology company CGI was a serious company working on serious projects but decided the escape room would be an innovative way to engage with various stakeholders around the subject of cyber security as well as engage with the community.
“We did a lot of work to get the balance of making it cyber security themed, with proper messaging and real lessons in it about cyber security, but still be very much an escape game,” said Mr Holmes.
“It touches on issues like phishing and how one misguided click can be a risk for you and allow you to get breached, as well as physical security such as making sure information is disposed of correctly.
“It also has messages about choosing your passwords and the need to be careful on social media about what you give away.
“It also highlights what you can do to make sure your organisation does not suffer a cyber attack, as well as what to do to mitigate the effects if there is one.”
Why are you making commenting on The Herald only available to subscribers?
It should have been a safe space for informed debate, somewhere for readers to discuss issues around the biggest stories of the day, but all too often the below the line comments on most websites have become bogged down by off-topic discussions and abuse.
heraldscotland.com is tackling this problem by allowing only subscribers to comment.
We are doing this to improve the experience for our loyal readers and we believe it will reduce the ability of trolls and troublemakers, who occasionally find their way onto our site, to abuse our journalists and readers. We also hope it will help the comments section fulfil its promise as a part of Scotland's conversation with itself.
We are lucky at The Herald. We are read by an informed, educated readership who can add their knowledge and insights to our stories.
That is invaluable.
We are making the subscriber-only change to support our valued readers, who tell us they don't want the site cluttered up with irrelevant comments, untruths and abuse.
In the past, the journalist’s job was to collect and distribute information to the audience. Technology means that readers can shape a discussion. We look forward to hearing from you on heraldscotland.com
Comments & Moderation
Readers’ comments: You are personally liable for the content of any comments you upload to this website, so please act responsibly. We do not pre-moderate or monitor readers’ comments appearing on our websites, but we do post-moderate in response to complaints we receive or otherwise when a potential problem comes to our attention. You can make a complaint by using the ‘report this post’ link . We may then apply our discretion under the user terms to amend or delete comments.
Post moderation is undertaken full-time 9am-6pm on weekdays, and on a part-time basis outwith those hours.
Read the rules here