As the Scottish schools begin to break up and holidays begin, many organisations move to a slower pace over summer. Unfortunately, cyber attacks don't take a break.
The growing risk of a cyber incident means it is an issue that should remain on every organisation’s radar even as holidays (and hopefully some summer sun) appear on the horizon.
Cyber crime can include hacking, phishing, or using malicious software, which are deployed to access data – this usually leads to financial loss for an organisation, and gain for the threat actor. Recent statistics released in Scotland show that, in 2023-24, an estimated 16,910 cyber-crimes were recorded by the police in Scotland – this represents an increase of over 9,000 (over 200%) from the pre-pandemic rate recorded in 2019-2020.We always recommend that affected organisations report a cyber incident to, and engage with, the appropriate agencies. However, cyber attacks are often not reported to the police, so the real cyber-crimes figures are likely much higher.
Threats can come from organised groups, with specific targets, as well as more generic attacks. Targeted attacks are not uncommon, and nation state actors may sometimes be responsible for these types of attack. Earlier this year the UK Government called out threat actors associated with China for carrying out malicious cyber activities, targeting UK institutions and individuals.
Often when organisations think of cyber attacks the first thought is data breaches and the risks that come with unauthorised access to personal data, often in the form of ransomware attacks. However, another risk for organisations impacted by a cyber attack, targeted or otherwise, is the risk of inability to access systems, otherwise known as ‘denial of service’. Over the summer key events, such as the general election, the Euros and the Olympics, can generate interest, exposure, opportunities and income for organisations. A well-timed cyber attack could compromise the provision of key services, resulting in significant loss and reputational damage. Being unable to provide business as usual services, also brings a risk of being in contractual breach, with knock-on legal and financial exposure.
There are a number of steps that organisations can take now to mitigate and prevent the impact of cyber crime on their operations. These include knowing the organisational “crown jewels” and how these are protected as an important first step to maintaining business and usual services in the event of a cyber attack. Having a stress-tested incident response plan can help a business respond quickly to any incident and mitigate the impact on services, preventing a full denial of service.
Burness Paull’s leading cyber security, data protection and group litigation experts have significant experience in managing cyber security risks and best practices. Our team are on hand to support you on your cyber resilience journey, from implementing protective measures to handling a full-scale incident. Please get in touch with any of our team to discuss your needs.
Written by
Related News, Insights & Events
Error.
No results.
An evening of insight into investigations: in conversation with Mark Daly
11/06/2026
We are delighted to be joined by Mark Daly, the BBC’s award-winning investigative journalist behind some of its most talked about programmes.
Data Spring Webinar Series: Preparing for Data and Cyber Challenges in 2026
19/05/2026 - Online webinar
Join our annual data spring webinar series, designed to help organisations navigate the evolving data privacy and cyber security landscape with confidence.
UK corporate criminal liability extended
14/05/2026
Companies are used to facing criminal liability for regulatory offences (such as health and safety).
{name}
{properties.pageSummary}
{properties.eventName}
{properties.pageDate|date:dd/MM/yyyy}{properties.shortDescription}
{properties.headline}
{properties.pageDate|date:dd/MM/yyyy}
{properties.shortDescription}
