October 11th 2017
– New guide gives expert advice on how small businesses can easily avoid common online dangers
– Cyber security “should be as second nature as cashing up or locking the doors at night”
– Federation of Small Businesses welcomes “simple and practical” new guidance
UK small businesses can shield themselves from potential online attacks thanks to a new guide created by the National Cyber Security Centre (NCSC).
Research by the Department for Digital, Culture, Media and Sport (DCMS) earlier this year found that nearly half (45%) of all micro/small businesses identified a cyber security breach or attack in the last year. Despite this among the quarter of micro/small businesses that consider it a low priority, over a third (35%) have nonetheless identified a breach.
Launched today, the NCSC Small Business Guide includes five simple steps organisations can follow to improve their cyber security and better protect themselves from loss online.
The expert advice comes in categories focused on backing-up data, using strong passwords, protecting against malware, keeping devices safe and avoiding phishing attacks.
Alison Whitney, the NCSC's Director for Engagement, said: “Cyber security can feel daunting for a small business, which is why we’ve made the UK’s most easy-to-access guide to help them thrive online. Protecting against malware, backing up data and avoiding phishing attacks should be as second nature to a small firm as cashing up or locking the doors at night. Whether you own a bakery, a building firm or you sell products online, our advice will help all business owners avoid threats that can cost time, money and reputation.”
Employing more than 12.5 million people and representing 99% of all private sector businesses in the UK, small businesses are at the heart of the nation’s economy.
MIke Cherry, National Chairman at the Federation of Small Businesses (FSB), said: “Cybercrime is one of the fastest growing risks to small businesses and support to tackle it is essential. FSB research shows cyber attacks on small businesses now cost the economy over £5bn a year. Without the time, resources and in-house expertise, it can be challenging to know the best, and even most basic, steps of defence. We therefore welcome this simple and practical guidance to help small businesses protect themselves against common cyber threats in the first place. Clear guidance is an important part of increasing the cyber resilience of the small business community, and we hope to see all future information consolidated in one place so that small firms know exactly where to turn for the most up-to-date cyber security advice.”
The government’s Cyber Aware campaign recommends simple ways SMEs can protect themselves online, including installing the latest software and app updates and using a strong, separate password for email.
Traders looking to improve their cyber security further can also seek certification under the Cyber Essentials scheme, which helps protect against common internet threats and demonstrates to customers and prospective clients they take the protection of their data seriously.
Further information
You can see the Small Business Guide here: https://www.ncsc.gov.uk/smallbusiness.
The five steps the NCSC Small Business Guide suggests small businesses follow are:
1. Backing up your data: Five things to consider when backing up your data
2. Protecting your organisation from malware: Five free and easy-to-implement tips that can help prevent malware damaging your organisation
3. Keeping your smartphones (and tablets) safe: Five quick tips that can help keep your mobile devices (and the information stored on them) secure
4. Using passwords to protect your data: Five things to keep in mind when using passwords
5. Avoiding phishing attacks: Steps to help you identify the most common phishing attacks
The UK Government is fully committed to defending against cyber threats and address the cyber skills gap to develop and grow talent. The NCSC was created as part of the five year National Cyber Security Strategy (NCSS) announced in 2016, supported by £1.9billion of transformational investment.
The NCSC provides a single, central body for cyber security at a national level and is the UK’s technical authority on cyber. It manages national cyber security incidents, carries out real-time threat analysis and provides tailored sectoral advice. GCHQ is the parent body for the Centre, meaning that it can draw on the organisation’s world-class skills and sensitive capabilities.
The UK Government’s behavioural change campaign for cyber security, Cyber Aware, promotes simple measures that small businesses and individuals can adopt to stay more secure online. Cyber Aware’s technical advice is provided by the NCSC. Further information on the campaign can be found here.