SBRC to lead National Cyber Security Centre programme in Scotland

SBRC to lead National Cyber Security Centre programme in Scotland

Jude McCorry, CEO of SBRC

The Scottish Business Resilience Centre (SBRC) has won a tender from the Scottish Government to launch and deliver the National Cyber Security Centre’s Exercise in a Box to businesses in Scotland.

More than 250 organisations – from those in the Highlands and Islands all the way to the Borders – will be able to discover how resilient they are to cyberattacks and test their response in a safe environment, without worry about repercussion to their business.

The Exercise in a Box toolkit, created by the National Cyber Security Centre, provides a set of training tools to allow organisations to test their preparedness to the most common cyber attacks, and record and learn lessons from the exercising sessions.



The 9-month programme will be run by the SBRC’s cyber team with input from Police Scotland and other stakeholders. Organisations will be able to participate in the programme through a blended model of tabletop meetings and online sessions. Participants will gain a range of skills allowing them to continue refining their cyber resilience policies in their own time.

It is estimated that 65,000 cyber security attacks occur daily, and of these around 4,500 are successful. With further data suggesting that cyberattacks are on the rise since the COVID-19 pandemic hit, organisations need to be ready and able to deal with such an attack on their own organisation  – and know who to call on for support should such an event happen.

Aimed at small and medium-sized businesses, charities, local government and the emergency services, Exercise in a Box clearly outlines the key considerations an organisation should address when preparing a response to a cyberattack. This includes setting up, planning, delivery, and post-exercise activity, and the resource is available for free from the NCSC website.

Jude McCorry, CEO of SBRC, said: “The stress that businesses are currently under has placed an incredible strain on their overall resilience. Hackers are very opportunistic and have not missed an opportunity to prey on those working remotely. Businesses therefore cannot afford to skip a beat; Exercise in a Box will allow them to review their existing cyber resilience policies – and for many will help to shape these – to ensure they are ready to handle and respond to an attack on their organisation.

“The countrywide roll-out of this programme will be integral in helping us to ensure Scotland is one of the safest and resilient places to live, work and do business both on and offline.”

While it is hoped that the SBRC will be able to deliver some of the programme in a face-to-face setting, due to COVID-19 restrictions, it will run some of the programme online.

The organisation will be holding taster sessions for businesses to learn more about the Exercise in a box programme on 17th, 22nd and 24th September.

Registration is available here.

Share icon
Share this article: