Back to About SEPA

Cyber-attack

SEPA worked closely with Scottish Government, Police Scotland, the National Cyber Security Centre (NCSC) and the Scottish Business Resilience Centre (SBRC).

Sharing our learnings to help others

We voluntarily commissioned reviews from independent experts to help:

1. Ensure that SEPA further enhances its cyber security as the organisation builds new systems and practices.
2. Allow others to learn from SEPA’s experience to help better protect themselves from cyber-crime.

We published as much of the reviews as possible, supporting Police Scotland and Scottish Business Resilience Centre's to support organisations to be cyber ready, resilient and responsive.

• SEPA: Response and recovery from a major cyber-attack
• Azets: SEPA Internal Audit Report 2020/2021 Cyber Attack – Response
• Azets: SEPA Internal Audit Report 2020/2021 Cyber-Attack – Lessons learned
• Police Scotland: Cyber-attack response debrief
• Police Scotland: Cyber-attack response debrief management response
• Scottish Business Resilience Centre: SEPA cyber preparedness review

Further information

Cyber security advice

• Police Scotland
  • Protecting yourself against cybercrime
  • Cybercrime Harm Prevention guidance
• Scottish Business Resilience Centre
  • Register for the ‘Exercise in a Box’, a free, 90-minute non-technical workshop
  • Helpline for Scottish organisations in the event of a cyber-attack
• National Cyber Security
  • Cyber security advice for businesses, charities and critical national infrastructure with more than 250 employees
  • Cyber security advice for businesses, charities, clubs and schools with up to 250 employees