All organisations should take basic steps to protect themselves online
You can take some simple steps to protect your business against online security threats. Having good cyber security measures in place will help protect your cashflow, your customer data and your reputation.
A full range of guidance and support can be found on the National Cyber Security Centre website. Some of the key pieces of advice are outlined below.
Don’t delay - take action to protect your business now.
Get the basics right
Cyber Aware offers simple advice to help small businesses and citizens stay safe online.
The Small Business Guide shows how to improve cyber security within your organisation quickly, easily and at low cost.
Free Online Training - Top Tips for Staff This new online learning module helps you and your staff understand why cyber security is important and shows how to take practical steps to protect against fraud and cyber crime. It’s totally free, easy-to-use and takes less than 30 minutes to complete. More information here.
Small Business Guide to Response and Recovery helps small to medium sized organisations prepare their response to, and plan their recovery from, a cyber incident.
Cyber Essentials shows you how to put technical measures in place to protect your business against the most common internet threats. You can also apply for a Cyber Essentials badge to demonstrate to customers your business takes this issue seriously. Cyber Essentials is recommended by Government for all organisations which rely on the internet.
Get free online training for you and your staff
Cyber security training for businesses This page details a range of free e-learning courses to help businesses and staff protect themselves online.
Introduction to Cyber Security This course developed with the Open University and FutureLearn offers a comprehensive introduction to cyber security and how to protect your digital life online. Anyone with an interest can take part. Study is around two hours per week over eight weeks.
Report cyber crime and online fraud
Action Fraud is the UK’s national fraud and internet crime reporting centre. Use the online tool to report online fraud or cyber crime to the police.
Report a cyber security incident to the National Cyber Security Centre using this online reporting tool.
Ask for help
Get Safe Online offers businesses and the public a wide range of free expert advice, including a tool for asking questions about online security.
Find IT and cyber security companies in the UK This directory lists UK cyber security companies by name, by services or by products so you can find the help you need.
Certified Cyber Consultancy helps larger organisations get the right cyber security consultancy services to protect their information and do business online safely.
The Cyber-security Information Sharing Partnership (CiSP) enables businesses to share information on cyber threats, get Government threat alerts and discuss security issues via a secure online platform.
Advice for large businesses
The Board Toolkit is a new set of resources designed to encourage essential cyber security discussions between the Board and their technical experts. Board members don’t need to be technical experts, but they need to know enough about cyber security to be able to have a fluent conversation with their experts, and understand the right questions to ask.
The 10 Steps to Cyber Security shows larger businesses and organisations how to put a comprehensive cyber security risk management plan in place. This guidance is recommended by Government for all larger organisations operating online.
Cyber security guidance for non-executive directors helps non-executive directors talk with board colleagues about cyber security risks. It details the questions NEDs should ask to help their company prosper in the information economy age.
Get specialised cyber security guidance
The new National Cyber Security Centre offers a wide range of useful guides on all areas of cyber security including password guidance, Bring Your Own Device (BYOD) and network encryption, as well as advice on how to deal with issues such as phishing, social engineering, patch management, denial of service (DoS) attacks and cloud computing security.