Cyber security guidance for business

Guidance to help businesses and organisations improve online security and protect against cyber threats.

All organisations should take basic steps to protect themselves online

You can take some simple steps to protect your business against online security threats. Having good cyber security measures in place will help protect your cashflow, your customer data and your reputation.

A full range of guidance and support can be found on the National Cyber Security Centre website. Some of the key pieces of advice are outlined below.

Don’t delay - take action to protect your business now.

Get the basics right

Cyber Aware offers simple advice to help small businesses and citizens stay safe online.

Cyber Action Plan offers sole traders & small businesses a simple, personalised ‘to do’ list to help protect your business.

The Small Business Guide shows how to improve cyber security within your organisation quickly, easily and at low cost.

Free Online Training - Top Tips for Staff This newly updated online learning module helps you and your staff understand why cyber security is important and shows how to take practical steps to protect against fraud and cyber crime. It’s totally free, easy-to-use and takes less than 30 minutes to complete. Further background information on this training can be found on the NCSC website.

Small Business Guide to Response and Recovery helps small to medium sized organisations prepare their response to, and plan their recovery from, a cyber incident.

Cyber Essentials shows you how to put technical measures in place to protect your business against the most common internet threats. You can also apply for a Cyber Essentials badge to demonstrate to customers your business takes this issue seriously. Cyber Essentials is recommended by the government for all organisations which rely on the internet.

Get free online training for you and your staff

Cyber security training for businesses This page details a range of free e-learning courses to help businesses and staff protect themselves online.

Introduction to Cyber Security This course developed with the Open University and FutureLearn offers a comprehensive introduction to cyber security and how to protect your digital life online. Anyone with an interest can take part. Study is around two hours per week over eight weeks.

Report cyber crime and online fraud

Action Fraud is the UK’s national fraud and internet crime reporting centre. Use the online tool to report online fraud or cyber crime to the police.

Report a cyber security incident to the National Cyber Security Centre using this online reporting tool.

Ask for help

Find IT and cyber security companies in the UK This directory lists UK cyber security companies by name, by services or by products so you can find the help you need.

Certified Cyber Consultancy helps larger organisations get the right cyber security consultancy services to protect their information and do business online safely.

The Cyber-security Information Sharing Partnership (CiSP) enables businesses to share information on cyber threats, get Government threat alerts and discuss security issues via a secure online platform.

Advice for large businesses

The Board Toolkit is a new set of resources designed to encourage essential cyber security discussions between the Board and their technical experts. Board members don’t need to be technical experts, but they need to know enough about cyber security to be able to have a fluent conversation with their experts, and understand the right questions to ask.

The 10 Steps to Cyber Security shows larger businesses and organisations how to put a comprehensive cyber security risk management plan in place. This guidance is recommended by Government for all larger organisations operating online.

Protecting against ransomware. Ransomware is the key current cyber threat facing facing businesses and organisations. Make sure you’re protected by using the NCSC guidance on ransomware.

Cyber Assessment Framework provides cyber security guidance for organisations responsible for vitally important services and activities.

Get specialised cyber security guidance

The National Cyber Security Centre offers a wide range of useful guides on all areas of cyber security including password guidance, Bring Your Own Device (BYOD) and network encryption, as well as advice on how to deal with issues such as phishing, social engineering, patch management, denial of service (DoS) attacks and cloud computing security.

Published 1 March 2016
Last updated 20 December 2021 + show all updates
  1. Updated links to various pieces of guidance; added guidance on ransomware; removed out of date guidance.

  2. Added link to the updated NCSC guidance on ransomware. Updated other links.

  3. Updated to include new guidance and training from the National Cyber Security Centre.

  4. Added link to new NCSC Small Business Guide

  5. First published.