Skip to the content

Follow us @UKAuthority

Scottish public sector gets Cyber Assessment Service

30/01/20

Mark Say Managing Editor

Scotland’s Safer Communities Directorate has unveiled a tool to help the public sector improve the cyber security of its supply chains.

Lock icons on screen

Named the Scottish Cyber Assessment Service (SCAS), it has been developed with bodies including the Digital Office Scottish Local Government, is currently in open beta and is free to use for public authorities in the country.

The directorate, which is within the Scottish Government, has also published guidance for buyers explaining the key features of the service and how they can embed it in their procurement processes.

It points to reading the guidance note as the first step in using the tool, followed by carrying out a risk profile assessment then a supplier assurance questionnaire. It is possible to learn more from building a dashboard and exploring guidance from bodies such as the National Cyber Security Centre.

The guidance outlines 12 principles of supply chain security separated into four stages: understanding the risks; establishing control; checking arrangements; and continuous improvement.

Among the key steps are to know suppliers and understand what their security looks like, set and communicate minimum security arrangements to suppliers, and provide support for security incidents.

The directorate has also published an example tender and contract wording document.

Image: http://eng-cs.syr.edu/research/cybersecurity

Register For Alerts

Keep informed - Get the latest news about the use of technology, digital & data for the public good in your inbox from UKAuthority.