Welcome to Cyber Scotland Week 2019! A first of its kind for cyber in Scotland, Cyber Scotland Week draws together events across the country to showcase the innovation taking place in the sector, while raising awareness of good cyber resilience practice and promoting a career within the industry.

Cyber security affects us all, whether or not we realise it. Cyber attacks can cause disruption to our daily routines and cyber-enabled crimes such as fraud and identity theft can result in significant financial losses. Cyber crime is crime – just like theft or assault – but the police and other authorities suspect that it is being massively under-reported, because many people don’t treat it as such, or because they may feel embarrassed about falling victim to an online scam.

Organised crime gangs are increasingly turning to cyber crime, since it’s more profitable and less risky for them than more traditional in-person crime. Most cyber crime is carried out in pursuit of financial gain, but as a university we’re also a rich source of personal and research data, so we have to look after our information as well as our resources. If you interact with the online world in any way – via email, text message, messaging apps, social media or the web – you are a potential target for cyber crime.

However, this doesn’t mean that falling victim to cyber crime is inevitable. By following our advice and adopting a few basic defensive behaviours, you can greatly reduce the likelihood of a successful attack:

1. Listen to your instincts – if an email, website or phone call doesn’t feel quite right, consider that it could be malicious and what could happen to you or the University if it is. If there’s the potential for harm or damage, think carefully before you act.
2. Take your time – Don’t feel pressured into doing something in a hurry, just because a message tells you to act quickly. Think about whether or not the request is reasonable or expected and, if necessary, seek confirmation using an alternative method such as phone call or face-to-face.
3. Share your concerns – Use a trusted authority such as Information Services for advice, guidance and support and always tell us if you think that something bad may have happened. You won’t get into trouble for reporting accidents or near-misses and doing so helps to protect other people.

What’s happening during the week?

Here at Edinburgh Napier University, we’ve put together 4 themed days of cyber security content for students and staff, presented on this website and promoted through our digital signage, intranet sites and social media accounts. There aren’t any events to attend or course to complete – all of the information you need is right here!

• On Tuesday 23^rd we’ll be talking about Passwords – why it’s important to keep them secret, when you should change a password, ways to avoid someone guessing your password and the importance of using a unique password for every website and online service.
• Email Safety is the topic for Wednesday 24^th – phishing regularly tops the charts as the preferred route for cyber criminals to gain access to organisations and steal data. While it may not be possible to avoid every single phishing message, our tips will help you to avoid many of them and will tell you what to do if you think you may have fallen victim to a phishing attack.
• Almost everyone has at least one mobile device, so on Thursday 25^th we’ll cover Device Safety – how to keep the information on your device secure, the importance of software and app updates and what to do if your device is lost or stolen.
• We’ll finish Cyber Scotland Week 2019 with a look at Data Safety on Friday 26^th – staff in particular have access to large amounts of information, including confidential data on students, finance and research. Knowing where that information is being kept, who has access to it and if it’s properly protected against damage or loss is essential to University business.

We’re hoping that everyone will find something useful in the content that we’ve prepared, but if there’s anything we haven’t covered that you’d like to know more about, please let us know.

Best wishes,

Graeme Hamilton
Information Security Manager
Edinburgh Napier University