Cyber resilience
Contents |
[edit] Introduction
The Single Procurement Document (Scotland) - also referred to as SPD (Scotland) contains questions used at the selection stage for post-Brexit procurement exercises in Scotland to identify suitably qualified and experienced bidders.
The Supplier Journey portion of the Scottish Government’s procurement guidance website offers an overview of the different types of procurement procedures that are available under SPD (Scotland). This includes an explanation of the cyber resilience of suppliers - as it relates to the Scottish public sector.
[edit] Concerns over security
As defined by the Supplier Journey Glossary, cyber resilience is the ability to prepare for, withstand, rapidly recover and learn from deliberate attacks or accidental events in the online world.
Cyber resilience measures can help organisations:
- Prepare by protecting them from cyber risks.
- Withstand an attack by defending against and limiting the severity attacks.
- Recover and learn by ensuring that operations continue despite an attack.
The number of cyber attacks targeting suppliers to the public sector has grown. Attacks can (intentionally or otherwise) disrupt and damage both suppliers’ services and public services.
[edit] Ensuring security
Against this background, the Scottish public sector has taken measures to ensure its suppliers have appropriate cyber security in place.
The Scottish Government sees this as an opportunity to build relationships with suppliers that have invested in cyber security within their organisations.
The Scottish Government has offered resources to assist suppliers that have expressed an interest in adopting a more consistent approach to cyber resilience. These tools are included in a Guidance Note which has been developed to help public sector bodies embed cyber resilience into the supply chain process.
These resources include:
- CSPST guidance for buyers.
- CSPST guidance for public sector suppliers.
- Cyber resilience: example tender and contract wording.
- Cyber resilience: cyber implementation plan and example.
- Cyber Security Procurement Support Tool (CSPST).
Completing the CSPST questionnaire can be a time consuming process; suppliers are advised to allocate a sufficient amount of time in advance of deadlines in order to participate in the procurement process.
There is additional guidance for public sector buyers and suppliers on how to use CSPST in procurement processes.
[edit] Related articles on Designing Buildings
- Cyber security.
- Cyber-security and phishing.
- Mitigating online risk with Cyber Essentials security.
- Single Procurement Document (Scotland).
- Supply chain.
- Technology helps quash conflict in the supply chain.
- UK organisations encouraged to review cyber security in response to situation in and around Ukraine.
[edit] External resources
- Scottish Government, Cyber Security Procurement Support Tool: supporting guidance for public bodies.
- Scottish Government, Supplier Journey.
- Scottish Government, Supplier Journey Glossary.
Featured articles and news
From Chaucer to Fawlty Towers.
Electrotechnical excellence, now open for entries.
Net zero electricity grids BSRIA guide NZG 5/2024
Outlining the changes needed to transition to net zero.
CIOB Global Student Challenge 2024
Universitas Indonesia wins for second year running.
New project and cultural district described in detail.
The nature of EPCs, crticism and inaccuracies.
History, issues and redesign.
From waste recycling to energy performance the hierchy.
An introduction to WERCS and WEEE responsibilities
Dealing with 2 million tonnes of waste equipment a year.
Global BACS Market: analytics and optimisation
A BSRIA glance at building automation and control systems.
What it is and how to use it.
Types of insulating plaster by binder and insulant.
Investors in People: CIOB achieves gold
Reflecting a commitment to employees and members.
Scratching beneath the surface; a guide to selection.
ECA 2024 Apprentice of the Year Award
Entries open for submission until May 31.
UK gov apprenticeship funding from April 2024
Brief summary the policy paper updated in March.