Scottish Cyber Coordination Centre - vulnerability coordination: policy and procedure
Outlines the policy and procedure for Scottish Cyber Coordination Centre (SC3) to alert and, where appropriate, coordinate responses from the Scottish public sector organisations, to cyber-attacks that exploit a previously unknown vulnerability.
Vulnerability Coordination
7.1 SC3 will seek to coordinate responses to vulnerabilities that are either
- Critical and Known to be Exploited, or
- Meet the NCSC/ GC3 Coordination requirements
7.2 Where vulnerabilities meet the SC3 Coordination criteria SC3 will seek the following responses from public sector organisations.
- a response within 2 working days from public sector organisations indicating if they are exposed to the vulnerability (negative returns are required to ensure an accurate picture of risk is captured)
- a response within 2 working weeks from notification with confirmation of the steps taken to mitigate the vulnerability
- in exception a response in a shorter time frame where the risk identified merits this.
7.3 Where the vulnerabilities meet the collation threshold SC3 will seek to gather and assess the information on the extent to which the Scottish Public Sector organisations are exposed to the particular risk.
7.4 SC3 will liaise with the NCSC and GC3 with regards to assessing the responses to contribute to the Commonly Recognised Intelligence Picture (CIRP) around the exposure to the risks for strategic considerations.
7.5 SC3 will assess the collated data which may be used to inform Senior Government Officials and Minsters on risks emanating from the alerts and the steps taken to address them.
Scottish Cyber Coordination Centre - 0300 244 9700
Contact
Email: SC3@gov.scot
There is a problem
Thanks for your feedback