Scottish Government publishes strategy for Cyber Coordination Centre, with NHS NSS as a core partner

The Scottish Government has published the strategic plan for 2024-2027 for the Scottish Cyber Coordination Centre, outlining the vision for a “digitally resilient nation” and setting out an overview of operating principles, functional structure and service development plans.

NHS National Services Scotland is to be a “core partner” among others such as Public Scotland and Police Scotland, required to “actively contribute to the development of the centre and support service offering”.

The centre is built around five key objectives, the first being to create a data-driven operation capable of tracking, evaluating and actioning security metrics for every public sector organisation in Scotland. It will seek to ensure that public sector organisations remain informed and prepared with regard to current risks; reduce prevalence and remediation timescales of exposed vulnerabilities; increase the level of preparedness for cyber incidents across the public sector; and ensure clear definition, review, adoption and adherence to appropriate standards and practices.

Expanding on this, the operating principles underlying the centre's work will be insight (prioritising understanding of cyber maturity and resilience, including technical and procedural controls and gaps); scale (developing “high-quality baseline services that can scale up” such as automation and self-service); re-use to avoid duplication; community (prioritising engagement with partners with a strong feedback loop); and agility (focusing on the ability to “quickly and effectively” respond to changing conditions and requirements).

Service development plans include creating a ‘Cyber Observatory’, described as an “internal platform that can ingest, store and process relevant cyber security indicators from all ‘in-scope’ organisations in a structured and dynamic manner”; and developing an “easy to use and intuitive tool” for organisations to record status and compliance. There are plans to roll out a public sector supplier assurance tool, designed to support organisations in conducting due diligence against technology vendors and third parties, and plans for rolling awareness campaigns highlighting key risks against the public sector.

Another key focus will be on incident coordination, with a Major Incident Coordination service to “orchestrate and enhance” response efforts against multi-agency cyber attacks. This will include the formal embedding of the ‘Public Sector Cyber Incident Notification Programme’, which will require public sector organisations to report within a specified timeframe to enable response activities.

Other plans include a “robust, standardised and reusable process and playbook” for best practice; an improved cyber resilience early warning (CREW) mechanism with a self-service feature to enable organisations to opt in or out of CREW notifications by category or theme; a vulnerability management function, capable of delivering “active cyber scanning capabilities, at organisation, domain or IP level”; automated and curated reporting on demand or at regular intervals; and a service for scraping the dark web for news relating to Scottish public sector organisations, along with a service for evaluating and deploying “deception technologies” to monitor attacker interest in this space.

Ultimately, it is hoped that the centre will enable a unified and coordinated approach to cyber resilience, providing specialist services and targeted support and an opportunity to “raise the bar” on national cyber maturity through the use of data-driven insights.

The strategy can be found in full here.

Cyber security in the spotlight

Last week, HTN reported on the planned transition from the DSPT to the Cyber Assessment Framework, including the mandatory supplier audit; find out more here.

We highlighted news from the North East and Yorkshire, where NHS England has partnered with the North East Business Resilience Centre on a pilot project designed to tackle cyber security threats by delivering ‘digital health checks’ for small and medium businesses.

We also interviewed Chad Holmes, security evangelist for Cynerio, to talk all things cyber security in the healthcare space.

Also from Scotland

Last month HTN explored the strategic framework for 2024-2026 from NHS NSS, setting out the organisation’s vision, values and priorities.

We explored the Digital and Data Capability Framework, launched in Scotland with the aim of supporting digital skills and competencies across the entire health and social care workforce.

And earlier in the summer NHS Education for Scotland published its climate emergency and sustainability strategy for 2024-2027.