Font Size: A A A

Case Studies

Free Cyber Action Plan for small firms

The UK official National Cyber Security Centre (NCSC) has created a Cyber Action Plan for micro businesses and sole traders. They’re invited to take a few minutes over an online questionnaire at that generates a personalised list of actions linked to the Cyber Aware behaviours.

Matt Warman, Digital Infrastructure Minister said: “We want the UK to be the best place in the world to do business online, so I welcome the NCSC helping sole traders and micro businesses with tailored advice on defending against cyber threats.

“I strongly recommend business owners take advantage of this tool to help us build back safer from the pandemic and ensure there is no way in for hackers.”

NCSC Deputy Director for Economy and Society, Sarah Lyons said: “Small businesses are the lifeblood of this country, but we know they can be a target for cyber criminals, particularly as they move more operations online. Our free Cyber Action Plan is here to help, offering bespoke, actionable information linked to the Cyber Aware behaviours.

“If you work for yourself, or run a small business, I would urge you to spend a few minutes on the questionnaire and follow the steps to help secure your business.”

Adverts promoting the tool will be broadcast on radio and online from March 5. Something similar for home IT users and families is promised.

About Cyber Aware

It’s UK government’s advice on how to stay secure online, offering six actions people can take to protect themselves from most cyber crime, such as malware, and email and website scams; visit

Those six actions are:

– Use a strong and separate password for your email;;
– Create strong passwords using three random words;
– Save your passwords in your browser;
– Turn on two-factor authentication (2FA);
– Update your devices; and
– Back up your data.


“Welcome the support for SMEs, cyber firm Skurio CEO Jeremy Hendy said: “The fact that they are less likely to have dedicated information security staff trained in digital risks and, sometimes lack watertight processes for activities like payment authorisation or changing banking details can make them an attractive target for cybercriminals.

“SMEs are more likely to use cloud services and apps and have staff working remotely, with services like IT support, payroll, accounting and marketing frequently outsourced. In this respect, many were ahead of the curve in managing data security in a distributed environment before the covid-19 pandemic changed business operations. The practical advice offered by the NCSC on security policies including backups, password management and multi-factor access controls as well as software updates are a timely reminder for SMEs, many of which have undergone staff changes over the last 12 months.”


Related News