In 2021, 39% of UK businesses have identified cyber security breaches or attacks in the last 12 months, costing an average of £8,460 per business that lost data or assets after breaches.
The National Cyber Security Centre (NCSC) is a Government department that provides advice and support for the public and private sector in how to avoid computer security threats. They have a wealth of simple guidance for small and medium sized organisations that anyone can follow and implement to make their business more cyber secure, without the need to be technologically-minded.
The NCSC recommend working through the list of advice and resources below if you are looking to improve cyber security within your business:
1. Cyber Aware – Cyber Aware is the government’s advice on how to stay secure online. It outlines six actions to take to improve your cyber security and offers a tailored plan for you or your business.
2. NCSC Subscription Centre – The subscription centre provides the opportunity to receive various communications from the NCSC including NCSC Newsletter, Advisories and the Weekly Threat Reports
3. Small Business Guide – Explains how to improve your cyber security; affordable, actionable advice for organisations.
4. Small Charities Guide – Explains how to improve cyber security within your charity – quickly, easily and at low cost.
5. Top Tips for Staff and Cyber Security for Small Organisations E-learning – Both designed to be integrated into your organisation’s training platform.
6. Exercise in a Box – A free online tool which helps organisations find out how resilient they are to cyber attacks and practise their response in a safe environment. Exercises include from 15-minute micro exercises, 1-3 hour discussion based exercises and a 3-4 hour simulation exercise.
7. Response & Recovery Guide – Guidance that helps organisations prepare their response to and plan their recovery from a cyber incident.
8. Ten Steps to Cyber Security – Take things a little further: breaks down the task of defending networks into ten essential components.
9. COVID-19 Guidance – This guidance includes home working, video conferencing and moving your organisation from physical to digital
10. Supply Chain Security – This guidance will provide organisations with an improved awareness of supply chain security, as well as helping to raise the baseline level of competence in this regard, through the continued adoption of good practice.
11. Cyber Essentials – Cyber Essentials government backed certification scheme helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security. As mentioned a lot of government and some private contracts are now requesting Cyber Certification as part of their tender process.
12. Cyber Essentials Readiness Tool – A free, online resource that guides organisations through a series of questions related to the Cyber Essentials criteria to help prepare them for certification. The tool asks questions about an organisation’s use of hardware, software, and boundary devices such as firewalls, as well as use of passwords and protections against malware and provides clear, non-technical advice for the user. Upon completion of the tool the user receives a tailored action plan that outlines the steps they need to take to achieve Cyber Essentials certification. This tool, developed by IASME on behalf of the NCSC – a part of GCHQ – was launched at the NCSC’s flagship conference CYBERUK 2021.
Videos on several common cyber security threats can also be accessed via the links below: