Cyber Security Analysts: FOI release

Information requested

Under the Freedom of Information Act I would like to ask a series of questions around the number of cyber security analysts in your department during different time periods between 2015 and 2018. For the purpose of clarity, I defined a cyber security analyst as anyone in the department IT team specifically responsible for monitoring and combatting cyber-threats.

How many cyber security analysts were employed by your department on the 1st Jan 2018? a). How many of these were staff employed by your department vs an external contractor or by other means (if other please specify for example: provided by another department)? How many cyber security analysts were employed by your department on the 1st Jan 2017? a). How many of these were staff employed by your department vs an external contractor or by other means (if other please specify for example: provided by another department)? How many cyber security analysts were employed by your department on the 1st Jan 2016? a). How many of these were staff employed by your department vs an external contractor or by other means (if other please specify for example: provided by another department)? How many cyber security analysts were employed by your department on the 1st Jan 2015? a). How many of these were staff employed by your department vs an external contractor or by other means (if other please specify for example: provided by another department)? If possible, over the period of 1st Jan 2015 and 1st Jan 2018, how many cyber security analysts have you had leave and join the department (please specify both how many left and how many joined).

Response

The Social Security Directorate within Scottish Government is responsible for ensuring the safe and secure transition of benefits to be devolved to Scotland from the UK under the Scotland Act 2016, this includes establishing a new agency to deliver these benefits.

As a core Scottish Government Directorate, Social Security utilises Scottish Government IT systems, where cyber security is managed by the central Scottish Government Office of Protective Security. It is my understanding that you have already contacted them with a similar request.

In establishing the new agency and associated IT systems, the Social Security Programme will develop an operational security capability of its own. As a relatively new Programme we have not yet employed any Cyber Security Analysts.

Attachments

No attachments found.

Similar releases

• Compliance Metrics and quality assurance processes for FOI case management and documentation in 2025: FOI release 2026-05-15 · unclear · 2 files
• Scottish Public Pensions Agency - Organisational structure for Business Transformation: FOI release 2026-05-14 · unclear · 0 files
• Perth and Kinross broadband queries: FOI release 2026-05-14 · not held · 0 files
• First Minister's Shetland Isles visit information: FOI release 2026-05-14 · unclear · 2 files
• Health Board funding, NHS Resource Allocation Committee comparison, and additional allocations: FOI release 2026-05-14 · released · 2 files
• Accountancy in Bankruptcy - Software based data destruction queries: FOI release 2026-05-14 · unclear · 0 files
• Scottish Prison Service Policy for the Management of Transgender People in Custody Operational Guidance spend: FOI release 2026-05-14 · unclear · 0 files
• Scottish Government documentation regarding the procurement of Oracle: FOI release 2026-05-14 · not held · 0 files