Cyber Security Evolution Scotland

In a world of constant online connectivity, cyberattacks aren’t a possibility, but an inevitability. It may not be today, it may not be tomorrow, but every business is playing the waiting game.

Waiting to respond to attacks is not a winning strategy. How can we proactively tip the odds of the game in favour of public interest and private protection when cybercrime is on the rise and becoming more sophisticated?

Since 2017, there has been a 72% increase in stolen, lost, or compromised records. Social media incidents account for over 76% of records breached and 65% of data breach incidents involved identity theft. It’s no longer possible for past security measures to remain effective in fighting cybercrime - there needs to be a full-scale investment in technological innovation to protect ourselves from changing cyber threats.

The price of cyberwarfare

The rising rate of cybercrime may have cost the world £466.8bn ($600bn) last year, about 0.8% of global GDP. But, cybersecurity professionals are now earning an average of £72,500 annually to fight the global cybercrime epidemic. These highly-skilled professionals are in demand. As a result, Scottish businesses, among many other nations, are going to be faced with challenging issues in the coming years in their fight for cybersecurity.

Defending our Energy Industry and its Industrial Control Systems against the Cyber Threat Spectrum 

The introduction of the Network and Information Systems Directive (NIS-D) in 2018 was expected by many to be a watershed moment in ICS cyber security, as it introduced robust regulations and processes to secure control systems from cyber threat. One year on however, industrial cyber incidents continue to rise, fuelled by the ongoing increase in threat capabilities and attack methods.

Beyond the immediate physical threat to ICS, 2018 witnessed the development of new attack methods – for example, cyber actors using unsecured systems to target Intellectual Property (IP) and personal data, with targeted attacks on IP making up almost half of all recorded cyber incidents last year.

With industrial control systems continuing the trend towards total automation, and cross-sector global, integrated networks becoming increasingly common, maintaining robust cyber defence remains critical to assuring business continuity.

As those connected ICS continue to expand the potential attack surface, stretching already limited cyber resources, cyber security is no longer the exclusive remit of the cyber. Engagement of OT and board members in cyber security continues to present challenges in the cyber domain.

Management boards and government officials now understand that modern cyberattacks to ICS and SCADA systems are occurring at an alarming rate, these attacks can easily bypass perimeter defences, shut down production facilities, and have a major impact on financial results — as well as major safety consequences.

Legislative entities are also paying attention to these critical issues. In their recent report, the House of Lords and House of Commons address cyber risks to UK critical national infrastructure (CNI) and how to respond to them. EU’s Directive on Network and Information Systems (NIS-D) is the first EU-wide legislation requiring critical infrastructure organisations to implement stronger security and breach reporting for ICS/SCADA networks.

As such The Future of Cyber Security Scotland will have a dedicated afternoon focus on these critical issues, with Industry renowned experts including Scottish CNI Chairman sharing their wealth of knowledge. 

The programme with a difference

Cyber News Group has been running the most credible cyber conferences in the world for 12 years, guiding the industry towards new opportunities. We invite all senior private sector ICT and security professionals to take part in our latest event and to think critically about what’s next for cybersecurity nationally and internationally.

From 9 am to 5 pm, March 26th 2019, we will examine how Scottish businesses and institutions are ensuring they have the capacity to protect themselves and others against the catastrophic effects of cybercrime. Join experts, peers, and key stakeholders as we delve deeper into Scotland’s cyber resilience community and the future of our defences.

Key issues to be addressed

We build on previous discussions in London and Manchester, giving insight into Scotland’s cybersecurity landscape as well as covering a range of other cutting-edge issues. These include:

  • Emerging technologies in cyber defence
  • Developing threats in cybersecurity
  • How Scotland’s public and private sector are driving security innovation
  • Anatomy of modern ICS/SCADA malware

  • Case study: Leveraging existing SIEMs for unified IT/OT monitoring

  • Key NIS-D requirements and how to address them

  • How to present OT risk to the board

  • 2019 Global ICS & IIoT Risk Report – a data-driven conversation about real world vulnerabilities in ICS/SCADA production networks

  • Protecting the UK’s Critical National Infrastructure (CNI)

  • Business preparedness, prevention, detection, and response to attacks
  • Security beyond technology - building a culture of awareness and secure behaviour in organisations