We use cookies to collect anonymous data to help us improve your site browsing experience.

Click 'Accept all cookies' to agree to all cookies that collect anonymous data. To only allow the cookies that make the site work, click 'Use essential cookies only.' Visit 'Set cookie preferences' to control specific cookies.

Set cookie preferences

Your cookie preferences have been saved. You can change your cookie settings at any time.

Publication - Advice and guidance

Scottish Cyber Coordination Centre - vulnerability coordination: policy and procedure

Published
3 January 2025
From
Director of Digital
Directorate
Digital Directorate
Topic
Public safety and emergencies, Public sector
ISBN
9781836911869

Outlines the policy and procedure for Scottish Cyber Coordination Centre (SC3) to alert and, where appropriate, coordinate responses from the Scottish public sector organisations, to cyber-attacks that exploit a previously unknown vulnerability.

View supporting documents Supporting documents

UK Level Coordination

4.1 SC3 works closely with the National Cyber Security Centre (NCSC) , Cabinet Office Government Security Group (UK GSG) and UK Government Cyber Coordination Centre (GC3) to identify, alert and collate information on nationally significant cyber security vulnerabilities. A national scoring matrix is in place to determine levels of severity and impact. (the matrix has not been reproduced within this policy.)

4.2 SC3 will, where appropriate, will seek responses to enable collation and assessment of the Scottish picture to support the national risk picture. This allows the SC3 to contribute to the UK level coordination which seeks to identify a Commonly Recognised Intelligence Picture (CIRP) around the exposure to the risks and steps taken to mitigate them.

4.3 Where the vulnerability is widely discussed in the media NCSC Comms are likely to provide the lead on what media lines to take.

Contact

Email: SC3@gov.scot

Back to top