February 22-28, 2021, was cybersecurity week in Scotland. There were many interesting events and knowledge sharing resources. Among them, the Scottish Council for Voluntary Organisations (SCVO) ran a number of nonprofit-focused workshops. Recordings are embedded below.
This first session occurred before cybersecurity week, but is useful as an introduction to how and why you should look at cybersecurity and cyber resilience.
Looked at simply, the Scottish Council for Voluntary Organisations (SCVO) recommends nonprofits take three key actions:
Good governance webinar - trustees and cyber resilience (3 February 2021)
How to successfully embed Cyber Security into your organisation's culture - 22 February 2021
Hosted by Alison Stone (Cyber Resilience Coordinator, SCVO) with guest speaker David Butterell (Head of Information Security, StepChange Debt Charity).
You can easily train your team in cyber security awareness but to be truly effective you must grow a security culture. David shares his expert experience about how StepChange Debt Charity has built a recognisable cyber security “brand” which balances personal life with work life. Their “Step Securely” campaign runs across a range of media, in order to deliver a message, raise awareness and truly grow a security culture.
DigiShift - Starting your journey in cyber resilience - 23 February 2021
Hosted by Ross McCulloch (Third Sector Lab ), with Alison Stone (Cyber Resilience Co-ordinator, SCVO) with guest speaker Robbie Ross (Chief Security Officer, Converged Communication Solutions). How do you eat a cyber security elephant? One piece at a time!
Your digital footprint. What does the internet know about you? 23 February 2021
Hosted by Alison Stone (Cyber Resilience Coordinator, SCVO) with guest speakers Jess McBeath (Online Safety Specialist at Jess digital) and Abdullah Khan (Senior Ethical Hacker)
Do you really know how much information there is about you floating around the internet? Do you understand how this information we all share so readily can be used against you via social engineering? Join two subject matter experts to learn how you can make this work for you, not against you! Online harms expert, Jess McBeath will give you hints on how to review and refine your personal digital brand. Ethical Hacker, Abdullah Khan will give an overview of Open Source Intelligence and provide a demonstration of just how much information can be gained about you from open sources. Spoiler alert – it's LOTS.
Avoiding scammers and schemers - keeping users safe online - 24 February 2021
Hosted by Alison Stone (Cyber Resilience Co-ordinator, SCVO) with guest speakers Ian Murphy (CEO, CyberOff) and Mike Smith (Cyber Protect Officer, Police Scotland). The digital world can be a wonderful place - but it can also be a dangerous place. Scams and Scammers abound with 231,607 reports made to the National Fraud Intelligence Bureau (NFIB) worth a massive £1.4 billion in losses to individuals and organisations from 1st April - 1st December 2020.
Alison Stone and Mike Smith are delighted to be joined in our Scammers and Schemers session by the irreverent cyber education guru that is Ian Murphy of CyberOff. Ian is well known for his tongue-in-cheek cyber security videos – those ones with the interesting, humorous, catchy and sometimes less than PG content, which embed cyber security messaging in a light-hearted and fun way that people actually engage with. Ian shares his wisdom on why we (that is you and me!) fall victim to scams on the internet by starting this session with his world renown (his words) “Are we stupid or what?” presentation. Mike and Alison share useful signposting to resources and actions for you to take to avoid becoming a victim.
Cyber Essentials - Ask the experts: an introduction to the scheme - 25 February 2021
Cyber Essentials is a UK-based accreditation to demonstrate that your organisation takes cyber security seriously. The CE certification process will help you to protect your organisation against a whole range of the most common cyber attacks. This helpful session is aimed at charities considering undertaking CE certification AND at organisations already working through the process as part of SCVO’s CE granting.
Hosted by Alison Stone (Cyber Resilience Coordinator, SCVO) with guest speakers Steve Hodson (Head of Operations, Hey Girls CIC), Mark Riddell (Managing Director, m3 Networks) and Neil Furminger (Certification Technical Lead, IASME Consortium). They were joined by Scotland-based Hey Girls CIC, who gained CE certification themselves earlier this year and by CE experts from IASME, who are NCSC's appointed Cyber Essentials Accreditation Body, and M3 Networks, who are IT Managed Service experts.
Cyber 101 - Resilience advice for small charities, in association with Police Scotland - 26 Feb 2021
Hosted by Alison Stone (Cyber Resilience Co-ordinator, SCVO) with guest speakers Mike Smith and James McGoldrick (Cyber Protect Officers, Police Scotland) and Kirstie Steele (Cyber Resilience Community Lead, Scottish Business Resilience Centre).
Cyber 101 provides a concise but comprehensive summary of the main threats faced by small charities online, the key steps that can be taken to help defend against them and to provide an awareness of the resources and organisations that are available to help you on your journey to becoming a truly Cyber-Resilient organisation.