When something unexpected happens, such as a cyber incident, it can be difficult to know how to react. Naturally, you will want to resolve the problem as quickly as possible so you can resume business as normal.
Guidance from the National Cyber Security Centre (NCSC)
The NCSC provides a range of free tools, guidance and support to help UK businesses make and keep themselves secure. You can find a host of information for small and medium sized organisations on the NCSC website, and links to specific guidance listed below.
Setting up 2-step verification
This guidance explains how you can set up 2-step verification (2SV) on your important online accounts. Doing this makes it harder for criminals to access your online accounts, even if they know your password.
Advice on creating a strong password
Small Business Guide: Cyber Security
How to improve your cyber security; affordable, practical advice for businesses.
PDF version for you to download and keep
Small Business Guide: Response & Recovery
Guidance that helps small to medi
How to improve cyber security within your charity - quickly, easily and at low cost. Following the advice in the Cyber Security: Small Charity Guide will significantly increase your protection from the most common types of cyber crime.
Business email compromise: defending your organisation
This guidance helps small to medium sized organisations deal with business email compromise (BEC). It provides actions to help businesses reduce the likelihood of being affected by BEC, and includes steps to take if you think your organisation has already been compromised.
Download and keep this handy PDF inforgraphic on Business email compromise - dealing with targeted phishing emails
Mitigating malware and ransomware attacks
How to defend organisations against malware or ransomware attacks. This guidance helps private and public sector organisations deal with the effects of malware (which includes ransomware). It provides actions to help organisations prevent a malware infection, and also steps to take if you're already infected.
Ransomware is a type of malware which prevents you from accessing your device and the data stored on it, usually by encrypting your files. A criminal group will then demand a ransom
in exchange for decryption.
Email security and anti-spoofing
A guide for IT managers and systems administrators to help you secure your organisation's email systems
Small organisations often use online services (also known as ‘cloud services’) so they don’t have to worry about setting up and managing new IT infrastructure. This guidance will help you to use online services securely, so that you’re less likely to be the victim of a cyber attack.
How to choose, configure and use cloud services securely.
Guidance for organisations on how to choose, configure and use devices securely.
Cyber security considerations for organisations thinking about taking out cyber insurance.
Supply chain security guidance
Proposing a series of 12 principles, designed to help you establish effective control and oversight of your supply chain.
Denial of Service (DoS) guidance
Guidance to help organisations understand and mitigate DoS attacks.
A step by step guide to recovering online accounts.
Guidance on NCSC services
Vulnerability scanning tools and services
Advice on the choice, implementation and use of automated vulnerability scanning tools for organisations of all sizes.
Protective DNS for the private sector
Advice on the selection and deployment of protective Domain Name Systems (DNS).
Infographics of NCSC guidance
The NCSC also provide a repository of useful infographics aimed at small businesses, you can find those to download and keep at:
Small businesses - NCSC.GOV.UK
Organisations and cyber security professionals - NCSC.GOV.UK