The NCSC Revamp the Small Business Guide to Cyber Security

The National Cyber Security Centre’s (NCSC) has re-launched their Small Business Guide which sets out five key areas for businesses to help improve their cybersecurity.

The new-look guidance arrives at a time when many organisations have staff working from home due to the coronavirus pandemic. This guide highlights accessible and actionable steps to take which have little to no cost.

The five steps in the Guide, (originally published in 2017) include advice on protecting passwords and avoiding email phishing attacks.

"This guide can’t guarantee protection from all types of cyber attack, but it does show how easy it can be to protect your organisation’s data, assets, and reputation." - Sarah Lyons, NCSC Deputy Director

Earlier this year, a survey by the Department for Digital, Culture, Media and Sport (DCMS) found around half of the micro and small businesses (52%) reported falling victim to a cybersecurity breach or cyber attack in the past year. The average cost to these businesses was nearly £1,000 – rising to more than £3,000 for some.

The Small Business Guide is part of a collection of NCSC guidance which has been reviewed and refreshed to offer up-to-date tips on implementing key security controls.

This includes the Small Business Guide: ‘Actions’ resource, which breaks down the recommendations into individual steps, and our Response and Recovery guidance which outlines how to prepare, manage, resolve and report an incident if one does occur.

The NCSC has published tailored advice and guidance to support all organisations, including how they can securely move their physical operations online and safely scale-up home working.

Read more about the Small Business Guide on the NCSC website and the latest support for small businesses from the CRCGM here.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of Cyber Resilience Centre for Greater Manchester (CRCGM) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. CRCGM provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

CRCGM does not accept any responsibility for any loss which may arise from reliance on information or materials published on this website. CRCGM is not responsible for the content of external internet sites that link to this site or which are linked from it.