Drive
The Drive pathway is for anyone involved in leading and influencing change across services and organisations (e.g. senior managers, service or programme leads). By developing the content in Embed, this pathway focuses on how cyber security concepts can be threaded through ways of working to drive change in organisations.
The Drive Pathway
Step 1 - Supporting Staff
| Reflect |
| Start this step by reflecting on how you think staff in your organisation feel about cyber security. Do you think they are generally quite confident, or not? If not, why might this be? |
| Read |
This article presents some of the findings from a recent survey which looked at workforce understanding of cyber security. Although based on NHS staff, the points in the article will still be relevant to any type of health or social care organisation: Link: 60% of NHS staff want more cyber security training, finds study |
| Task |
| Formulate a list of key questions that you could use to understand how staff in your organisation feel about cyber security, then use this information to inform how your organisation can provide support for staff going forwards. |
Step 2 - Leading a Cyber Secure Culture
| Question |
| What leadership behaviours or actions have you observed to effectively promote cyber security? |
| Read |
Leaders are often in a position to champion a culture of cyber security awareness and vigilance so that it permeates every level of an organisation. This guidance explains how leaders can go about this: Link: The Crucial Role of Leadership in Fostering a Culture of Cybersecurity |
| Question |
| Open communication is discussed as a crucial component of effective cyber security practice. What can you do within your role to build an environment where staff feel comfortable to ask questions and come forward with any cyber security concerns? |
Step 3 - Lessons Learnt: Scottish Environment Protection Agency
| Read |
In 2020 the Scottish Environmental Protection Agency (SEPA) was the target of a major cyber attack. After the attack, SEPA commissioned independent reviews to allow others to learn from their experience in order to better protect themselves against cyber crime. Link: SEPA's response and recovery from a major cyber-attack |
| Question |
In addition to the recommendations outlined, the report also highlights what worked well as part of SEPA's response.
|
Step 4 - The Future of Cyber Crime
| Task |
As digital technologies evolve around us, so do the tools and software of cyber attackers. It's therefore important to consider how we can future-proof our approach to cyber security. Have a look at this article which presents some emerging cyber security threats: Link: The Future Of Cybersecurity: Emerging Threats And How To Combat Them |
| Question |
Whilst artificial intelligence (AI) innovations bring great opportunities, they may also increase exposure to cyber risk.
|
What Next?
You have now completed the Drive pathway.
Pathway Update Notifications
You can access this Pathways Update Notifications Form to register to receive email notifications when pathway content is updated or new resources are added.
Feedback
To share any comments or questions you have about the pathway please email nes.dew@nhs.scot. You can also let us know if any of the links aren’t working, or the resources aren’t available.
