National Cyber Security Centre
Revamped cyber guide will help small businesses work securely online
The NCSC Small Business Guide has been revamped for 2020 as well as the response and recovery guidance.
- The NCSC’s ‘Small Business Guide’ sets out key areas for business cyber security
- Timely revamp will help organisations now operating online due to coronavirus
- Latest in a raft of measures from the NCSC, a part of GCHQ, to help small businesses thrive online
Small businesses will benefit from a revamped version of a popular guide telling them how to stay safe online that was published yesterday by cyber experts.
The National Cyber Security Centre’s (NCSC) re-launched Small Business Guide sets out five key areas for businesses to help improve their cyber security.
The new-look guidance arrives at a time when many organisations have moved their operations online due to the coronavirus pandemic. It highlights accessible and actionable steps to take which have little to no cost.
The five steps in the Guide, the original version of which was published in 2017, include advice on protecting passwords and avoiding email phishing attacks.
Sarah Lyons, NCSC Deputy Director for Economy and Society Engagement, yesterday said:
“Cyber security can seem overwhelming for some small business owners, but it’s never been more important to ensure that measures are in place to protect against online threats.
“That’s why the re-launch of our Small Business Guide is so timely, and I would strongly encourage businesses to consult it, whether they have previously done so or not.
“By acting on the guide’s five key recommendations, small businesses can significantly reduce their chances of falling victim to a cyber attack and help to keep their day-to-day operations running smoothly.”
The five recommended areas of focus are:
- Backing up your data: Top tips include keeping a back-up of data separate, reading our Cloud Security guidance, and backing up regularly.
- Protecting from malware: Top tips include switching on firewalls, preventing staff downloading dodgy apps, and controlling how USBs can be used.
- Keeping your smartphones (and tablets) safe: Top tips include making sure devices can be wiped remotely, not connecting to unknown Wi-Fi networks and keeping device software up-to-date.
- Using passwords to protect your data: Top tips include avoiding predictable passwords, using two-factor authentication, and changing default passwords.
- Avoid phishing attacks: Top tips include checking for obvious signs of phishing, reporting all attacks, and testing resilience using our Exercise in a Box tool
Earlier this year, a survey by the Department for Digital, Culture, Media and Sport (DCMS) found around half of micro and small businesses (52%) reported falling victim to a cyber security breach or cyber attack in the past year. The average cost to these businesses was nearly £1,000 – rising to more than £3,000 for some.
The Small Business Guide is part of a collection of NCSC guidance which has been reviewed and refreshed to offer up-to-date tips on implementing key security controls.
This includes the Small Business Guide: ‘Actions’ resource, which breaks down the recommendations into individual steps, and our Response and Recovery guidance which outlines how to prepare, manage, resolve and report an incident if one does occur.
Latest News from
National Cyber Security Centre
Top of the class: Schools awarded by experts for high quality cyber teaching20/09/2021 12:20:00
Sixteen schools and colleges achieve recognition from the NCSC for excellence in cyber security education.
UK and US cyber security leaders meet to discuss shared threats and opportunities13/09/2021 11:15:00
National Cyber Security Centre CEO and Director of the US Cybersecurity and Infrastructure Security Agency meet in London.
Record number of teenagers sign up to develop cyber skills over summer26/08/2021 16:20:00
Participation at all-time high for CyberFirst summer courses, led by the National Cyber Security Centre (NCSC).
Email innovation simplifies takedown of cyber scams12/08/2021 14:15:00
Scam emails can be sent directly to SERS via a new button organisations can add to their Microsoft Office 365 accounts.
Tech startups join UK cyber experts to address security challenges11/08/2021 09:15:00
The first companies to work with the NCSC for Startups initiative have been selected.
Public can now report scam websites direct to the NCSC10/08/2021 11:15:00
A new reporting tool has been made available for the general public who come across scam websites.
NCSC lifts lid on three random words password logic09/08/2021 11:15:00
Cyber security experts recently (Friday) revealed in depth for the first time the logic behind their advice to use three random words when creating passwords.
UK and allies publish advice to fix global cyber vulnerabilities28/07/2021 15:25:00
A joint advisory from international allies has offered advice for the most publicly known software vulnerabilities.