Small and medium-sized businesses (SMBs) forced to adapt to remote working due to COVID-19 have been given a list of six key questions they must consider as they devise their digital plans.
The National Cyber Security Centre (NCSC) has published advice aiming to guide SMBs as they navigate the digital terrain, which may be new for many. The latest guidance, part of the wider Cyber Aware campaign, comprises six key questions businesses must consider.
These aim to identify any of areas of risk, whether from cyber intrusion to information security, to whether there are areas that SMBs can improve on, such as giving employees adequate access to critical files.
“Small and medium-sized businesses have been handed extraordinary challenges due to the coronavirus, with many now considering how they can reach their customers in new ways,” said NCSC director for national resilience and strategy Dr Clare Gardiner.
“In a society that is increasingly reliant on technology, it is vital that businesses of all sizes have effective cyber security systems in place – and the NCSC is here to help. Asking the right questions now can go a long way ensuring that organisations are appropriately protected in the future.”
The six questions outlined by the NCSC are as follows:
- What technology do you use already?
- Are you using cloud services?
- Do you have access to IT Support?
- What cyber security measures do you have in place?
- Are there any regulations you need to follow?
- Do you have cyber Insurance?
Among the elements that businesses must take into account are whether agreements with supplies and vendors cover an increase in demand for hardware and bandwidth to handle additional web traffic.
SMBs must, for example, examine their Service Level Agreements (SLAs) to ensure they have the resources in place that they think they do.
In addition, businesses have access to adequate IT support to ensure their employees are able to carry out their roles smoothly.
Bosses must also read up on regulations such as GDPR, with SMBs processing personal information remotely, and sensitive data such as card payments as well.
The guidance provides a resource that aims to help small businesses manage this transition from digital to physical securely, which is especially pertinent given a recent rise in cyber security incidents. The full guidance can be accessed through the NCSC website.
-
Enterprise AI adoption is about to get the Big Brother treatmentOpinion Worried your staff aren’t using those shiny AI tools you petitioned for? Big tech has you covered
-
Dreamforce 2025: What's an agentic OS?ITPro Podcast NPUs, e-ink, and immersive headsets are the latest hardware innovations for business devices
-
ASUS, Cisco, Netgear devices exploited in ongoing Chinese hacking campaignNews Critical national infrastructure is the target of sustained attempts from state-sponsored hackers, according to Five Eyes advisories
-
Off-the-shelf ransomware is spurring a new era in the Ukraine warNews Experts agreed Russian forces could be overwhelmed, forced to use less sophisticated tools to meet the regime's demands
-
NCSC: “New class” of Russian cyber attackers seek to destroy critical infrastructureNews The cyber threat has been raised due to the heightened risk of ideologically driven cyber attacks from Russia-aligned adversaries
-
NCSC warns UK under state-sponsored spear-phishing attacks from Russia and IranNews The acceleration in spear-phishing campaigns last year coincided with the escalating conflict in Ukraine, according to the NCSC
-
NCSC founder details 'biggest regret' in underestimating organised cyber crimeNews In a rare public address, Martin also detailed his proudest achievement and how the idea for the NCSC came to be
-
Second Singtel subsidiary breach in a month sees customer and client data leakedNews The incident at Singtel subsidiary Dialog follows the earlier breach at Singtel-owned Optus, Australia's second-largest telco
-
UK, US condemn Iran for ‘unprecedented’ cyber attack against AlbaniaNews The Balkan nation has cut ties with Iran following the hack, which took down national infrastructure and exposed government information
-
Cyber attack on software supplier causes "major outage" across the NHSNews Unconfirmed reports suggest the attack may be ransomware-related, while the NHS contends with disrupted services on the 111 non-emergency line
