CyberScotland Week 2024

20.03.24 02:57 PM By Keven Anderson

CyberScotland Week is an annual initiative to, in CyberScotland's own words, “bring people and organisations across Scotland together to raise cyber security awareness and build cyber resilience.” It sees organisations across Scotland host events for the general public and for the infosec community, to help highlight different risks and show how you can protect yourself. This year, CyberScotland Week ran from Monday 26th February to Sunday 3rd March.

CyberScotland Week 2024


We were keen to get as involved as we possibly could. As a company, our entire raison d'être is helping organisations become more cyber secure. We don’t just do this through our services (though our main offering, Cyber Essentials assessment and certification, is about exactly that)—we also do what we can through our company culture, both internal and external, and this includes offering free events to the public as and when we can. With this in mind, CyberScotland Week was really not something we wanted to miss!

That was a long way to justify why we ended up hosting or being involved with six events this year. We also did our best to get these recorded, so many are now available to access (for free) even if you couldn’t make it at the time.

Here’s a rundown of what we got up to:

Event 1: Protecting your organisation with Cyber Essentials

Monday 26th February, 2pm – 4pm

This was an in-person run-through of the Cyber Essentials scheme and how it can help protect your organisation, peppered with hands-on demonstrations so you could see exactly how the controls can help keep your data and systems secure. Delivered by our Global Operations Director, Cary Hendricks, it was a really great opportunity to not only hear about the scheme but to get some expert advice on establishing a baseline level of cyber security at your organisation.

This session was not recorded, but a shorter online version was (see Event 5 for details!).

Event 2: Get Ready, Contestants…

Tuesday 27th February, 11am – 11.45am

We were keeping Cary busy! We were honoured that he was invited by Basil Manoussos, Manager of The Cyber Academy at Edinburgh Napier University, to present a talk as part of ‘Basil’s Cyber Marathon’—24 hours of back-to-back live talks from industry experts. Cary chose to draw on his experiences of a huge range of cyber security specialities and show how these all related to GRC (governance, risk, and compliance).

The session was recorded—we will update this post when the recording is released.

A screenshot from Cary's talk, Get Ready Contestants, delivered as part of Basil's Cyber Marathon

Event 3: Big Cyber Security Ideas for all business sizes—the plain English edition

Wednesday 28th February, 10am – 12.30pm

We were determined to not only make this CyberScotland Week about how we could support organisations needing advice on their setups and systems but also about how we could support the wider cyber security community, so that they could in turn support organisations. To this end, we were delighted that we were able to offer a space (both physical and digital) for the co-founders and directors of Damn Good Security (one of our partners) to deliver workshops during CyberScotland Week.

The first of these was delivered by David McKenzie, whose session focused on simplifying what cyber threats are and what you can do to protect you, your business, and your family from common cyber threats. No acronyms, no fuss, no nonsense—just explanations of what cyber attackers are doing and what you can do to help not be their next victim.

The session was recorded and is available here.

Event 4: "Your front door is open": How to respond

Wednesday 28th February, 2pm – 4.30pm

The second Damn Good Security workshop was delivered by Scott McGready, who presented ways to help protect your data, systems, and people without running a 24/7 Security Operations Centre (SOC). Examples included bucket diving ("found" via open source intelligence), responsible disclosure/security.txt and what to do when you get 'the email' from Scott, and how to spot if someone is poking around (canaries).

The session was recorded and is available here.

Scott McGready from Damn Good Security delivering his talk on responsible disclosure

Event 5: Protecting your organisation with Cyber Essentials (online version)

Thursday 29th February, 2pm – 3pm

This was the online version of Event 1. Cary gave an overview of the Cyber Essentials scheme and how it can help protect your organisation. As well as explaining the Five Key Controls of the scheme, he demonstrated common ways that systems can be accidentally left unsecured or vulnerable. As with Event 1, it was a really great opportunity to not only hear about the scheme but to get some expert advice on establishing a baseline level of cyber security at your organisation.

The session was recorded and is available here.

A screenshot from Cary's talk on Cyber Essentials

Event 6: ID Cyber Sessions Ep 14

Friday 1st March, 11am – 12pm

ID Cyber Sessions is our monthly webinar and interview series, and we were pleased that our March episode release date coincided with CyberScotland Week! This interview was with James and Chris Bore, of Bores. James and Chris spoke with our assessors Alice and Steve about a huge array of topics, including threat modelling, running a family business, and information security in an early years context.

The session is available here.

________________________________________________________________

And that’s it for another year! We were pleased to be able to offer such a variety of events and to be able to not only provide advice to organisations but also provide a venue for our partners within the cyber security industry.

And, of course, we’ve already got our planning hats on for 2025, so watch this space…

Keven Anderson