How to level up your business cyber security

What is Cyber Security?

Cyber security is all about protecting the devices you use (smartphones, laptops, tablets and computers) to run your operations, and the services you provide to customers. It's also about preventing unauthorised access to the personal information stored on devices, and the systems that keep your business running and online. 

How to improve your business cyber security

1. Back it up

Backing up your data is a great way to ensure you can recover your business data and services in the event of an IT failure or cyber-attack such as ransomware. Here's a handy guide to ransomware - NCSC.GOV.UK Link opens in a new window. Think about how much business data you could afford to lose – this will help you work out how often you should backup your data. Automating those backups is a fuss-free way of doing this that’ll give you piece of mind that your data is protected. 

2. Mighty password strength

Avoid using easily discoverable information like pet names or favourite sports teams, as criminals can easily find these details on your social media profiles.

1. The National Cyber Security Centre (NCSC) recommends combining 3 random words Link opens in a new window that each mean something to you. This is a great way to create a password that is easy to remember but hard to crack.
2. Layers, layers, layers! Enable two-factor authentication (2FA) when available. It requires an additional one-time code, from an app or text message, along with your password for login. This extra layer of security safeguards your accounts if your password is compromised.

You can check if your password or email address has been compromised using this free tool  "Have I been Pwned?” Link opens in a new window

3. Protect yourself from viruses

No one likes viruses and bugs – especially not the ones which infect your computers! Losing time and money on recovering from malware and phishing attacks can make it difficult for small businesses to survive. Digital ads can sometimes contain malware that can infect your computer or device. AdBlocking tools block insecure internet sites and reduces the risk of viruses.

4. Phishing around

A popular phishing attack is Business Email Compromise (BEC). This is when a business email account is compromised and operated by an attacker to send genuine looking invoices and requests for payments, or to send attachments that infect the recipient’s device with viruses. The emails are often targeted at specific people, like finance teams or executives, to trick staff in to releasing funds or information. To be safe it’s best not to rely on email alone for financial instructions. Call the person on an official number (not the one in the email!) directly to check. A good rule of thumb is to be suspicious of anything unexpected or tasks you are not normally asked to do. It’s also a good idea to train your staff not to discuss work on external platforms such as Whatsapp, as these platforms are popular with fraudsters as a way of avoiding detection. For more top tips on this, check out this  printable infographic from the NCSC Link opens in a new window

5. Knowledge is power 

Being aware of cyber risks and how to keep yourself and your business safe is important.

Check out this handy guide Link opens in a new window below from the National Cyber Security Centre – the perfect handout for you and your colleagues to keep by your desks. 

6. Think about Cyber Insurance

Most small businesses don't have an in-house cyber security expert, a dedicated crisis communication team, or budget set aside for GDPR fines. That's where cyber insurance comes in. It's designed to provide the expertise and financial support you need to get back up and running following a cyber security event - and it's a cover for businesses of all sizes to consider.

Superscript, Virgin Money's business insurance Link opens in a new window partner, offers cyber insurance Link opens in a new window. Their market-leading cover provides access to a 24-hour breach response helpline, plus legal, IT security and PR crisis management specialists - and more.