Building a cyber security plan of action for your business

Sarah Lyons, Deputy Director for Economy & Society, the National Cyber Security Centre (NCSC) – sets out the fundamentals of staying cybersecure.

Over the past year, businesses in the UK have adjusted to new ways of working and are using the internet more than ever before. According to a report from the Centre for Economic Performance, more than 60% of businesses are using new technologies since the beginning of the pandemic. This is happening in almost all industries – including accounting.

The increased use of email, online payments and collaboration software has brought great benefits to the Finance and Accounting sector, but it does come with risks. Early in the coronavirus pandemic last year, we published guidance for businesses on securely making the transition to organisation-wide home working.

Knowing which measures to take to improve our cyber security isn’t always straightforward, though. There is a lot of information out there and sifting through this to find relevant guidance can take a lot of time and effort.

At the NCSC, we have launched a new tool that will help businesses access cyber security guidance that’s relevant to them. After responding to questions on their current IT practices in the new Cyber Action Plan, they will receive tailored advice on how to improve their cyber security, based on the responses given.

The Cyber Action Plan recommendations stem from the six practical, actionable steps from the technical experts at the NCSC that protect us from the majority of online crime:

  1. Use a strong and separate password for your email
  2. Create strong passwords using 3 random words
  3. Save your passwords in your browser
  4. Turn on two-factor authentication (2 FA)
  5. Update your devices and apps
  6. Back up your data

The behaviours underpin the cross-government Cyber Aware campaign, and you may hear our radio advertisements in March urging businesses to use the Cyber Action Plan.

For accountants and business owners more widely, cyber security should be a priority and I’d strongly recommend visiting cyberaware.gov.uk. We would encourage them to familiarise themselves with the site’s guidance and test themselves against the Cyber Action Plan. It will only take a few minutes to enter the information and it’s free– but it might just provide the priceless knowledge needed to better protect them and their businesses from cyber criminals.

If you would like to improve your cyber security further visit the small business pages on our website. Here you can access a range of resources and guidance created specifically for small business owners.

AAT Comment offers news and opinion on the world of business and finance from the Association of Accounting Technicians.

Related articles