CyberScotland updates
News from CyberScotland and our Partner network
CyberScotland launches 'Boost your business' resilience campaign
CyberScotland Partnership has launched a new awareness raising campaign, Boost your business, encouraging businesses and private, public and third sector organisations across Scotland to take simple, practical steps to strengthen their cyber resilience. The campaign reinforces five everyday actions: reviewing basic protections, installing software updates promptly, using strong passwords and passkeys, ensuring all staff are cyber aware, and securing every device. There is a lot of information on where to find out more with links to useful resources.
NCSC publishes new guidance on AI and cyber security
The National Cyber Security Centre has published a series of blogs and guidance on the cyber security risks that come with artificial intelligence. One piece of joint guidance, written with international partners, advises organisations to take a cautious approach to AI systems that can act independently - searching for information, making decisions and taking actions without a human checking each step. The NCSC recommends starting with low-risk uses and making sure basic security measures are already in place before going further. A separate blog warns that AI is also speeding up how quickly weaknesses in software are being discovered, which could force organisations to roll out a large number of security updates across their systems at short notice - particularly for older software that is no longer supported.
Government publishes Cyber Security Breaches Survey 2025/26
The Cyber Security Breaches Survey 2025-26, published by the Department for Science, Innovation and Technology and the Home Office, shows that around 43% of businesses and 28% of charities reported a cyber incident in the past year. Phishing remains the most prevalent attack type, cited by 38% of businesses. While board-level engagement in large businesses rose from 27% to 31%, only 25% of businesses have a formal incident response plan. Ransomware among charities increased from under 0.5% to 1%, and AI risk management practices remain underdeveloped, with only around a quarter of organisations using or considering AI reporting they have security processes in place to manage AI-related risks.
Cyber security must work for everyone - including disabled and neurodivergent users
A blog published by Passion4Social in partnership with Lead Scotland argues that accessibility and cyber resilience are inseparable - and that security tools which exclude disabled and neurodivergent users create new risks rather than reducing them. With around 22% of the UK population identifying as disabled and an estimated 15% being neurodivergent, designing security systems around a narrow idea of the "typical" user leaves millions unable to use the very tools meant to protect them. The piece covers everything from inaccessible CAPTCHA and password fields, through to the largely untapped strengths neurodivergent professionals bring to cyber security roles and offers practical steps for organisations looking to build a more inclusive approach.
Scotland launches new secure digital health platform
The Scottish Government and Public Services Delivery Scotland have launched MyCare.Scot, a new secure online service where people in Scotland can access health and social care information and services in one place. The pilot is being rolled out nationally after a successful trial in NHS Lanarkshire. Users will be able to view their NHS records on the service, check information about medicines, allergies and vaccinations, and find local health and care services. More features are planned as the platform develops, shaped by feedback from users.
