1. Backing Up your Information
In a worst-case situation, the best route to recovery will be restoring data/information from backups and rebuilding systems. So, make sure you have good backups.
2. Protect the business from Malware
Malicious software will damage your data by infesting it with viruses, malware or even encrypting the data so it can’t be accessed unless a ransom is paid (ransomware).
3. Making sure your Mobile Devices are Safe
Mobile computing is now a vital part of business life because we want information wherever we are. This presents an ever-widening landscape for cybercriminals to attack your systems, da=mage your data and potentially harm the business
4. Having Strong Passwords and Using MFA
Passwords must be considered carefully, not all need to be changed regularly and users should be able to reset them themselves.
5. Being Aware of Phishing
In a typical phishing attack, scammers send fake emails to thousands of people, asking for sensitive information (such as bank details), or containing links to bad websites.
This is by no means an exhaustive list, consider it a starting point. While this may seem daunting, there are systems and processes that can be implemented to ensure your business is getting on top of keeping safe.
Our guide can be used to help you understand how well your business is defended against Cyber Attacks and from this make changes and improvements to better protect yourself. On the other hand, you can engage with us to conduct an assessment for you.
Our assessment framework is based on the guidance provided by the NCSC’s Small Business Guide and 10 Steps to Cyber Security. In addition, we have taken the best practices from the ICT industry as well as the requirements of Cyber Essentials to form 2 levels of assessment that will, depending on your risk appetite, give you the confidence to know how vulnerable your business is.
It is our view that Security is a Process, not simply a Product and that every business needs to have IT Security on its radar and routinely reviewed. We know that no matter how hard we try to protect ourselves there is always a possibility that a security breach could occur. However, by reducing our exposure to threats and being harder to attack we reduce the risk significantly.
Given that we know we could be the victim of cybercrime, here are some helpful links:
- Action Fraud operates a 24/7 phone line for organisations experiencing a live cyber-attack, enabling you to get immediate help and advice from fraud and cyber-crime specialists.
- If you are concerned that you have been a victim of cybercrime, please report it to Action Fraud on 0300 123 2040, or contact them online at – https://www.actionfraud.police.uk/
- If you have received an email which you’re not quite sure about, forward it to the NCSC’s Suspicious Email Reporting Service (SERS) at [email protected].
- More information about how to report to the NCSC – SER can be found here: https://www.ncsc.gov.uk/collection/phishing-scams
You can refer to our Cyber Security Guide for more details about all the tips mentioned above.