Information Page

Welcome to our program dedicated to enhancing cyber security and supporting you take proactive steps to safeguard your digital assets and protect against threats.

It's crucial to prioritise cyber security measures to minimise any disruptions or damages, stemming from fraud or cyber incidents which can have significant consequences for your organisation's financial health.

By implementing effective cyber security measures, you can prevent unauthorised access to vital infrastructure, systems, and data. Additionally, you'll mitigate the risk of personal data breaches, preserving customer trust and your business's reputation.

The good news is that with proper understanding of your risks and vulnerabilities, along with the right mitigations in place, many of these attacks can be thwarted.

Feel free to explore the benefits of our program and take advantage whenever you're ready.

We are here to help!

In the last 12 months, 32% of businesses and 24% of charities recall a cyber breach or attack.

Source: Cyber Security Breaches Survey 2023

These are the common types of fraud and cyber incidents that businesses have reported in the first quarter of 2024.

By clicking on each of these buttons, you will discover steps you can take, to reduce the chances of encountering similar events.

Social Media Hacked

Hacking of emails

Company Hacked

Company data breached

Virus/Malware/Spyware

Company website hacked

Denial of Service

Ransomware

Phishing Emails

In the last 12 months, 32% of businesses and 24% of charities recall a cyber breach or attack.

Source: Cyber Security Breaches Survey 2023

Our mission is to work in partnership with small businesses and SMEs to grow and strengthen your resilience to online crime and cyber attacks. Supported by the regional Police forces, we are a trusted place to turn to for expert help, guidance, and support.

Here are a number of resources that will help you to improve your security:

Cyber action plan

Answer a few questions and get a personalised list of actions to help you or your business improve your cyber security.

ncsc.gov.uk/news/cyber-aware-action-plan

Exercise in a box

An online tool which helps organisations test and practice their response to a cyber-attack. It is completely free, and you do not have to be an expert to use it. It includes two exercises, a technical simulation, and a tabletop exercise. You just need to register for an account.

ncsc.gov.uk/information/exercise-in-a-box

A board room toolkit

Boards are pivotal in improving the cyber security of their organisations. The Board Toolkit has been designed to help board members get to grips with cyber-security and know what questions they should be asking their technical experts.

ncsc.gov.uk/collection/board-toolkit

Early warning service

Helps organisations investigate cyber-attacks on their network by notifying them of malicious activity that has been detected in information feeds.

ncsc.gov.uk/information/early-warning-service

Active cyber defence

This programme seeks to reduce the harm from commodity cyberattacks by providing tools and services that protect against a range of cyber security threats.

ncsc.gov.uk/section/active-cyber-defence/introduction

Connect inform share protect - CISP Platform

This is a joint industry and government initiative run by the NCSC and a good place for network defenders to find help and speak with like minded people.

ncsc.gov.uk/section/keep-up-to-date/cisp

Information security policies

In collaboration with information security subject-matter experts and leaders who volunteered their security policy knowledge and time, SANS has developed and posted a set of security policy templates for your use.

sans.org/information-security-policy

Cyber incident response template

Create your own cyber security incident response plan that will help you respond effectively in the event of a cyber attack or IT event.

secrc.police.uk/post/cyber-incident-response-plan

10 steps to cyber security

Guidance is designed to help organisations protect themselves in cyberspace. It breaks down the task of defending your networks, systems, and information into its essential components, providing advice on how to achieve the best possible security in each of these areas.

ncsc.gov.uk/collection/10-steps-to-cyber-security

Test filtering check

Free check to see if your internet connection blocks child abuse & terrorist content

swgfl.org.uk/services/test-filtering

Configure the O365 Phishing email report button

Set up O365 so users have immediate access to a report phishing button on the toolbar, which will send phishing reports instantly.

ncsc.gov.uk/guidance/configuring-o365-outlook-report-phishing-for-sers

Police cyber alarm
Police Cyber Alarm is a free Home Office funded tool, which helps businesses understand and monitor malicious cyber activity. The system monitors member’s internet traffic and will detect and provide regular reports of malicious activity to organisations helping them minimise vulnerabilities.

cyberalarm.police.uk

No more ransom

Law enforcement and IT Security companies have joined forces to disrupt criminal businesses. The goal is to help victims of ransomware retrieve their encrypted data without having to pay the criminals.

nomoreransom.org.

Completing simple cyber hygiene actions can be the difference in your business falling victim to fraud or a cyber attack. Here are some short videos to show you how to carry out a number of cyber security basics:

Secure your social media channels:

Use privacy settings across social media platforms to manage the information about you that is available online and to limit who can see the content you post. In this guide are steps to set your security settings for each major social media account.

ncsc.gov.uk/guidance/social-media-how-to-use-it-safely

Set up Two Step Verification on all accounts:

This video shows how to protect accounts that you care about, or would cause you the most harm if they were compromised or you lost access.

youtu.be/CyE59OtzSCM?feature=shared

Create and use a strong password:

When setting up new accounts, it's important to choose a strong password. This video shows an easy way to choose one made up of #3RandomWords.

youtu.be/btaYCPEzqIE?feature=shared

Using the National Cyber Security Centre’s Small Business Guide:

Following the five quick and easy steps outlined in the guide below could save time, money and even your business’ reputation.

youtu.be/zZ8p1LRwNFI?feature=shared

Protecting your business from Ransomware:

Ransomware is a type of malware which prevents you from accessing your device and the data stored on it, usually by encrypting your files. Learn how to protect your files and information with these steps.

youtu.be/DWmMm5IhLDw?feature=shared

Install the latest software and app updates:

Applying security updates promptly will help protect your devices and accounts from cyber criminals. If you receive an update prompt, don’t ignore it, applying these is one of the most important and quickest things you can do to keep yourself safe online.

ncsc.gov.uk/collection/top-tips-for-staying-secure-online/install-the-latest-software-and-app-updates

Apply appropriate account permissions for employees:

To minimise the potential damage that could be done if an account is misused or stolen, staff accounts should have just enough access to software, settings, online services, and device connectivity functions for them to perform their role. Extra permissions should only be given to those who need them.

cyberessentials.online/cyber-essentials-access-control-explained/

Check for common vulnerabilities in your IT equipment and systems:

Use this free service to perform some online checks to identify common vulnerabilities in your public facing IT. The checks are remote, with no need to install software and use the same publicly available information cyber criminals use, to find easy targets linked to IP addresses, browsers, and email.

checkcybersecurity.service.ncsc.gov.uk.

Check if you have been involved in a data breach

Register your organisation with a free service that will notify you when featured in a data breach, which is usually a precursor for business email compromise (really important if 2fa is inactive) and phishing email campaigns.

haveibeenpwned.com

Identify Phishing and Spear Phishing attacks

'Phishing' is when criminals use scam emails, text messages or phone calls to trick their victims. The aim is often to make you visit a website, which may download a virus onto your computer, or steal bank details or other personal information. This video explains how to report phishing attempts, and protect yourself from scammers.

youtube.com/watch?v=ygON2B9-xTw

No matter your size, consider this is government-backed certification scheme that helps you to guard against fraud and cyber threats and demonstrate your commitment to cyber security.

IASME, who are responsible for operating the Cyber Essentials and Cyber Advisor scheme have produced a short Youtube series to. explain the certification and how it works. You can watch the first video, 'An Introduction to Cyber Essentials' below.

The Cyber Essential Readiness Tool is preparation for the 2 levels of certification, Cyber Essentials and Cyber Essentials Plus - getreadyforcyberessentials.iasme.co.uk/questions/. Government contracts, and some private contracts, are now requesting Cyber Certification as part of their tender process.

Cyber Essentials and Cyber Essentials Plus

The IASME consortium manages this scheme on behalf of the National Cyber Security Centre. The 2 levels of Certification:

Interested in learning more about Cyber Essentials or want to get started?

In the South East, our cyber essentials partners can help you achieve either of the two levels of certification if you are not in a position to achieve them yourself.

Get in touch or view the partners here .