Skip to main content

Cybercrime is one of the fastest growing risks to businesses, not to mention an expensive one too. And with already rocketing prices in just about everything, there’s never been a more important time to tackle and prevent it. According to a study from Gov.UK Link opens in a new window, 39% of businesses have identified a cyber-attack in 2022 with the average attack costing £4,200, rising to a whopping £19,400 for medium and large businesses.

That’s why here at Virgin Money we’ve partnered with Global Cyber Alliance Link opens in a new window (a nonprofit organisation dedicated to making the internet a safer place by reducing cyber risk) to bring our business customers their free Cyber Toolkit for Small Businesses Link opens in a new window. With attacks regularly hitting the headlines cyber security can be a daunting challenge, but these carefully selected tools can help you reduce cyber risk.

And we know you’ve got your hands full running your business, and some quick training might suit you and your staff better – which is why GCA have also developed a series of simple mini courses Link opens in a new window, each lasting approximately 15 minutes. They can be taken at any time and pace and they also come with handy downloadable checklists and reference sheets Link opens in a new window.

Along with GCA’s brilliant resources, there are lots of ways to help protect yourself and your business from cyber enabled crime – let’s look at some ideas to get you started.

What is Cyber Security?

Before we get into the details on how to protect you and your business, cyber security is all about protecting the devices you use (smartphones, laptops, tablets and computers) to run your operations, and the services you provide to customers. It's also about preventing unauthorised access to the personal information stored on devices, and the systems that keep your business running and online.

How to improve your business cyber security

1. Back it up

Backing up your data is a great way to ensure you can recover your business data and services in the event of an IT failure or cyber-attack such as ransomware Link opens in a new window. Thinking about how much business data you could afford to lose – this will help you work out how often you should backup your data. Automating those backups is a fuss-free way of doing this that’ll give you piece of mind that your data is protected.

2. Don’t be lazy on passwords

One of the most common ways attackers gain access to systems is through guessing, stealing, or hacking passwords. Did you know ‘123456’ has been found 23 million times Link opens in a new window in identified business data breaches? Here is how to protect your accounts and systems:

1. Use a strong password and check if your password has been compromised using this free tool “Have I been Pwned?” Link opens in a new window. NCSC recommends combining 3 random words Link opens in a new window that each mean something to you. This is a great way to create a password that is easy to remember but hard to crack. Our friends over at GCA provide easy tools Link opens in a new window to detect weak passwords and help you to manage them.

2. Implement some tools for “2FA” – two-factor authentication. This adds an extra layer of protection to your accounts. It works by requiring you to enter an additional code when you sign in – just to make sure it’s YOU logging in.

3. Protect yourself from viruses

No one likes viruses and bugs – especially not the ones which infect your computers! Losing time and money on recovering from malware and phishing attacks can make it difficult for small businesses to survive. Digital ads can sometimes contain malware that can infect your computer or device. Try out AdBlock Link opens in a new window which blocks insecure internet sites and reduces the risk of viruses.

You could also try out Quad9 Link opens in a new window - it’s a free security solution that prevents users from accessing known malicious websites. You can get access to it through the GCA toolkit.

4. Phishing around

A popular phishing attack that you must be aware of is - Business Email Compromise (BEC). This is when a business email account is compromised and operated by an attacker to send genuine looking invoices and requests for payments, or to send attachments that infect the recipient’s device with viruses. The emails are often targeted at specific people, like finance teams or executives, to trick staff in to releasing funds or information. To be safe it’s best not to rely on email alone for financial instructions (call the person direct to check) and be suspicious of anything unexpected. For more top tips on this, check out this printable infographic from the NCSC Link opens in a new window.

5. Knowledge is power

Being aware of cyber risks and how to keep yourself and your business safe is important. Learn all about cyber risk in your business by signing up for this free course from GCA Link opens in a new window which will teach you the basics about cyber threats and their related risks as well as what you can do to protect your small business. Once you understand the risk, check out the free mini-learning modules Link opens in a new window and use the GCA Cybersecurity toolkit Link opens in a new window to select the tools you need to secure your business.

Also check out this handy guide Link opens in a new window below from the National Cyber Security Centre – the perfect handout for you and your colleagues to keep by your desks.

6. Think about Cyber Insurance

Most small businesses don't have an in-house cyber security expert, a dedicated crisis communication team, or budget set aside for GDPR fines. That's where cyber insurance comes in. It's designed to provide the expertise and financial support you need to get back up and running following a cyber security event - and it's a cover for businesses of all sizes to consider.

Superscript, Virgin Money's business insurance Link opens in a new window partner, offers cyber insurance Link opens in a new window. Their market-leading cover provides access to a 24-hour breach response helpline, plus legal, IT security and PR crisis management specialists - and more.

Level up your cyber security today

Find out more

You might also like...