ActionFraud - National Fraud & Cyber Crime Reporting Centre - Call 0300 123 2040

Cyber security guidance for organisations

When something unexpected happens, such as a cyber incident, it can be difficult to know how to react. Naturally, you will want to resolve the problem as quickly as possible so you can resume business as normal.

Guidance from the National Cyber Security Centre (NCSC) 

 The NCSC provides a range of free tools, guidance and support to help UK businesses make and keep themselves secure.  You can find a host of information for small and medium sized organisations on the NCSC website, and links to specific guidance listed below. 

Setting up 2-step verification 

This guidance explains how you can set up 2-step verification (2SV) on your important online accounts. Doing this makes it harder for criminals to access your online accounts, even if they know your password. 

Three random words 

Advice on creating a strong password 

Small Business Guide: Cyber Security 

How to improve your cyber security; affordable, practical advice for businesses. 

PDF version for you to download and keep 

Small Business Guide: Response & Recovery 

Guidance that helps small to medi

Small Charity Guide 

How to improve cyber security within your charity - quickly, easily and at low cost. Following the advice in the Cyber Security: Small Charity Guide will significantly increase your protection from the most common types of cyber crime. 

 

 

Business email compromise: defending your organisation 

This guidance helps small to medium sized organisations deal with business email compromise (BEC). It provides actions to help businesses reduce the likelihood of being affected by BEC, and includes steps to take if you think your organisation has already been compromised. 

Download and keep this handy PDF inforgraphic on Business email compromise - dealing with targeted phishing emails 

Mitigating malware and ransomware attacks 

How to defend organisations against malware or ransomware attacks.  This guidance helps private and public sector organisations deal with the effects of malware (which includes ransomware). It provides actions to help organisations prevent a malware infection, and also steps to take if you're already infected. 

A guide to ransomware 

Ransomware is a type of malware which prevents you from accessing your device and the data stored on it, usually by encrypting your files. A criminal group will then demand a ransom  

in exchange for decryption. 

Email security and anti-spoofing 

A guide for IT managers and systems administrators to help you secure your organisation's email systems 

Using Online Services Safely 

Small organisations often use online services (also known as ‘cloud services’) so they don’t have to worry about setting up and managing new IT infrastructure. This guidance will help you to use online services securely, so that you’re less likely to be the victim of a cyber attack.  

Cloud security guidance 

How to choose, configure and use cloud services securely. 

Device Security Guidance 

Guidance for organisations on how to choose, configure and use devices securely. 

Cyber insurance guidance 

Cyber security considerations for organisations thinking about taking out cyber insurance. 

Supply chain security guidance 

Proposing a series of 12 principles, designed to help you establish effective control and oversight of your supply chain. 

Denial of Service (DoS) guidance 

Guidance to help organisations understand and mitigate DoS attacks.  

Recovering a hacked account 

A step by step guide to recovering online accounts. 

 

Guidance on NCSC services 

Vulnerability scanning tools and services 

Advice on the choice, implementation and use of automated vulnerability scanning tools for organisations of all sizes. 

Protective DNS for the private sector 

Advice on the selection and deployment of protective Domain Name Systems (DNS). 

 

Infographics of NCSC guidance 

The NCSC also provide a repository of useful infographics aimed at small businesses, you can find those to download and keep at: 

Small businesses - NCSC.GOV.UK  

Organisations and cyber security professionals - NCSC.GOV.UK