Public Sector Cyber Security Scotland 2026

The refreshed Strategic Framework for a Cyber Resilient Scotland was recently published, in the face of an ever-changing cyber threat landscape. Scotland’s public sector must act now to protect vital services and citizens’ data.

Holyrood Connect’s Public Sector Cyber Security Scotland 2026 returns to Edinburgh on 3 February, bringing together cyber security experts and industry leaders to explore practical solutions to current and future challenges.

Through keynote speeches, expert panels, and interactive masterclasses, this event offers insight into how organisations can stay ahead in a constantly shifting landscape.

Key Themes

  • Strategies for embedding cyber resilience into public sector digital infrastructures
  • Harnessing the power of AI to improve real-time threat intelligence and response
  • Cyber incident exercising and enhancing incident response readiness across public services
  • Fostering collaboration and innovation

Attendees will also have the opportunity to enjoy an exhibition area and connect with peers during dedicated networking sessions.

Who Should Attend?

This event is aimed at public and third sector professionals, including:

  • CIOs, CISOs, Heads of Digital and IT
  • Information Security and Risk Managers
  • Cyber strategy, policy, and governance professionals

Join us in Edinburgh in February to connect with peers and help shape a safer digital future for Scotland.

Secure your free place

This event is free to attend for those working in the public and third sectors. If you work in the private sector, please email sales@holyrood.com to discuss commercial opportunities.

Cyber Security Series

We’re also hosting the Public Sector Cyber Security Series in Glasgow on 4 February – find out more here.

Conference Highlights

Watch our video below to get a flavour of what to expect at the event.

Holyrood Connect

Holyrood Connect publishes leading Public Sector ICT news in Scotland and hosts renowned public sector tech events and conferences. You can view all of Holyrood Connect’s upcoming events here. 

Share This Event
Event Details
Add to Calendar

In today’s climate of evolving and highly sophisticated cyber threats, Scotland’s public sector faces a dual challenge: securing critical infrastructure while meeting growing public expectations for seamless digital services.

This session will explore how we move beyond compliance to embed true cyber resilience - building the ability to prevent, withstand, and recover from attacks.

Our speakers will delve into:

• Augmenting skills and resources to strengthen cyber defenses
• Collaboration and partnership working
• The growing importance of Cyber Resilience Auditing / cyber assessment frameworks
• Leveraging Capability at Scale
• What happens after a data leak

Speakers:

For three years, we’ve discussed the "amazing and scary" potential of AI. However, a harsh reality has set in - departments are being mandated to "enable AI" and drive digital transformation before they have organised the decades of legacy data those systems will feed upon. This misalignment is now the single biggest threat to data sovereignty, regulatory compliance, and the viability of public service innovation. This masterclass moves past the hype to address the essential preface to any public sector AI strategy: robust data organisation. We will explore the four pillars of data readiness and the shift towards a unified, data-centric security posture, ensuring your departmental foundation is secure and compliant before enabling AI at scale.

(please note that each masterclass will run twice, allowing delegates to attend two from 11:30 - 12:00 and 12:05 - 12:35)

Speakers:

Join Tanium as we unpack the challenges of balancing people, process, and technology for resilience, innovation and growth in a world that requires us to utilise AI and automation across IT.

(please note that each masterclass will run twice, allowing delegates to attend two from 11:30 - 12:00 and 12:05 - 12:35)

Speakers:

This session provides a practical, scenario-driven demonstration of how ransomware attacks rely on lateral movement to succeed and how Akamai Guardicore segmentation can stop them.
Through a live demo, participants will see the real impact of an attack on running applications, comparing an environment with no segmentation to one protected by segmentation. The focus is on limiting blast radius, preventing attacker progression, and ensuring a local compromise does not become a full-scale incident.

Key Learning Objectives:
● Understand why lateral movement is critical to ransomware success
● See how segmentation limits attacker reach and reduces blast radius
● Learn how application-centric visibility enables effective security policy design
● Discover how proactive controls change the outcome of a ransomware attack

(please note that each masterclass will run twice, allowing delegates to attend two from 11:30 - 12:00 and 12:05 - 12:35)

As cyber threats grow in scale and complexity, traditional security approaches can struggle to keep up.

This session will focus on how public sector organisations are deploying artificial intelligence to strengthen threat detection and response, while addressing common challenges such as budget pressures, skills gaps, and operational constraints.

We will delve into the realities of implementing AI in public sector environments, including ethical considerations, procurement, and the need for operational transparency and trust.

Speakers:

In today’s threat landscape, it’s no longer a matter of if an incident will occur, but when. Building cyber resilience means having both the right architecture and the right people prepared to respond.

This session explores how organisations can prepare for attacks through structured training, cyber incident exercising, and incident response planning, alongside implementing Zero Trust principles.

Attendees will gain practical strategies to enhance readiness, limit damage, and maintain service continuity during cyber incidents.

Speakers:

Discover how Forestry and Land Scotland’s migration from an on-prem data center to public cloud preserved critical legacy systems, strengthened security posture, and created a solid foundation for future transformation.
This case study explores real challenges, practical solutions, and the benefits of a cloud-first strategy.

Speakers:

As cyber threats become more frequent and sophisticated, public sector organisations across Scotland must stay ahead.

This session will explore how we can enhance cyber resilience and prepare for what lies ahead.

Our expert speakers will discuss:

• The next steps in strengthening Scotland’s public sector cyber security - from foundational resilience to proactive threat management
• Forward-looking strategies for procurement, ensuring security is embedded from the outset
• How public sector organisations can harness innovation and collaborate with the private sector more effectively

Speakers:
Heather Toomey
Principal Cyber Specialist
Information Commissioner's Office
Rob Demain
CEO & Founder
e2e-assure
Scott McKinnon
CSO
Palo Alto Networks
Ali Shepherd
CISO and Chief Scientific Adviser
Financial Conduct Authority
Nick Mahlitz
Head of Cyber Security and Infrastructure
Forestry and Land Scotland
Alex Harris
Head of Government Cyber Implementation
Department for Science, Innovation and Technology (DSIT)
Annie Collings
Programme Manager, Cyber Resilience
techUK
Dr Siamak Shahandashti
Senior Lecturer in Cyber Security & Privacy
University of York
Gordy Macdonald
Cybercrime Protection, Incident Support and Training Officer
Police Scotland
Dan Jones
Senior Security Advisor in EMEA
Tanium
Alan Gray
Head of National Cyber Security and Resilience
Scottish Government
Alison Brogan
Cyber Resilience Co-ordinator
Scottish Council for Voluntary Organisations (SCVO)
John Saunders
Senior Solutions Engineer
Netskope
Nuala Kilmartin
Innovation Lead, Digital Security Technologies
InnovateUK, UKRI
Beverly Bowles
Head of Cyber
ScotlandIS
Maggie Titmuss MBE
Chair - National Cyber Resilience Advisory Board
Scottish Government
Karen Meechan
Chief Executive
ScotlandIS
Keith McDevitt Headshot
Keith McDevitt MBE
SC3 Cyber Exercising Lead
Scottish Government
Chelsea Jarvie
CISO and global keynote speaker
Chelsea is an advocate and leader with regards to diversity in digital and has been a STEM ambassador since 2012. Chelsea was named as a "Woman of the Future" by Equate Scotland in their "Leading Women of Scotland" publication.

For speaking enquiries, please contact: diana.allen@holyrood.com

For sponsorship and partnership enquiries, please contact: steven.perrie-clyde@holyrood.com

For all other enquiries, please contact: eventsadmin@holyrood.com

Event Details
Add to Calendar
Sponsors
Supporting organisation



This site uses cookies. Find out more about cookies and how you can refuse them.

I Accept