Cybersecurity Top Tips
London Business Hub is providing cybersecurity advice and information to help businesses and the self-employed work safely. Our library of support covers a wide range of topics to help you identify and prevent common online threats.
The Police Digital Security Centre (PDSC) has published 10 key steps that can increase your cyber resilience and help prevent a cyberattack. The 10 steps are:
- Taking a risk-based approach to securing your data and system.
- Cybersecurity engagement and training for people in your business.
- Asset management to help keep track of your data and systems.
- Designing, building, maintaining and managing systems securely.
- Vulnerability management to keep your systems protected and secure.
- Supply chain security.
- Incident management.
- Logging and monitoring procedures to help you detect and investigate incidents.
- Data security.
- Access management to control who has access to your systems and data.
Visit the PDSC for resources and support to help you put these steps into practice.
It’s important that businesses, the self-employed and employees know how to use email securely. The following resources provide advice on email best practice:
- Protect your email reputation
This GCA Cybersecurity Toolkit explains how businesses can prevent the misuse of their email address.
- NCSC mail check
This tool from the National Cyber Security Centre (NSCS) provides advice on email security configuration and reporting.
- Email security and anti-spoofing
This guidance from the NCSC helps organisations to secure their email systems.
- Phishing scams
This blog from the Police Digital Security Centre (PDSC) provides advice on how to spot phishing scams.
- What is phishing and how to prevent it
This blog from the PDSC provides information on how to prevent phishing attacks.
- Understanding the criminal’s secrets
In this blog, the PDSC provides examples of phishing scams.
- Why you can’t rely on Office 365 alone for security
This video from Westtek Solutions provides advice on IT security.
- How to spot a dodgy email
This video from Westtek Solutions outlines seven ways to spot a suspicious email.
Asset management is the process of documenting an organisation’s resources, such as hardware, devices, applications, software and data. It helps businesses to manage and protect their assets from cyber threats. The following resources provide advice on asset management:
- Know what you have
This GCA Cybersecurity Toolkit helps businesses to identify all their devices and applications, as well as take steps to secure them.
- Restrict user privileges to reduce the insider threat
This blog from the Police Digital Security Centre (PDSC) explores how businesses can prevent accidental or intentional harm from within an organisation.
- Asset management benefits
This article from the PDSC sets out the benefits of effective asset management.
- Using removable media
This article from the PDSC outlines the do’s and don’ts when using removable media such as USB devices and memory cards.
- Tips to manage user privileges
This article from the PDSC outlines how to manage user privileges, which is the level of access a user has to online resources.
It’s important that businesses, the self-employed and employees are alert to cybersecurity threats. The following resources provide advice on identifying and addressing online threats.
- What would a cyberattack look like in the real world?
This video from Hiscox UK outlines different types of cyberattacks.
- Money mules
This video from the Metropolitan Police explains how to avoid being a money mule.
- Payment fraud
This video from the Metropolitan Police provides advice on avoiding payment fraud.
- Online shopping
This video from the Metropolitan Police provides tip on how to safely shop online.
- Weekly threat report
The National Cyber Security Centre publishes a weekly report to help businesses keep up to date with current online threats and scams.
- Glossary of common technical terms
The Police Digital Security Centre has published a short glossary of common technical terms.
- Threat alerts
The Police Digital Security Centre has published advice on how businesses can sign up for threat alerts.
- Glossary of common attacks
The Police Digital Security Centre has published a glossary of common cyberattacks.
Investing in cybersecurity certification can help protect your business from online threats. It also helps demonstrate that your business is serious about cybersecurity, which can be useful when bidding for work or trying to secure a new contract. The following resources provide an introduction to cybersecurity certification:
- Investing in cybersecurity certification
This blog from the Police Digital Security Centre outlines the government-backed Cyber Essentials certification scheme.
- Cybersecurity for SMEs
In this article, the Police Digital Security Centre introduces its Digitally Aware and Digitally Resilient certification schemes.
- NCSC certification
The National Cyber Security Centre (NSCS) provides information about where to become cybersecurity certified, as well as how to find certified services.
- The importance of cybersecurity
In this blog, the Police Digital Security Centre explains why cybersecurity is so important for businesses.
- 10 steps to cybersecurity
The National Cyber Security Centre has published an infographic setting out 10 steps to cybersecurity.
- Cybersecurity small business guide
The National Cyber Security Centre has published a guide to cybersecurity for small businesses. It covers topics such as backing up data and avoiding phishing attacks.
- Cyber Essentials
This guide provides an overview of the Cyber Essentials scheme.
Antivirus software helps businesses to protect their devices and data from viruses and malware. The following resources provide advice and information to help prevent viruses and other online threats:
- GCA Cybersecurity Toolkit: Prevent phishing and viruses
This online toolkit sets out the steps businesses can take to prevent phishing attacks and viruses.
- Background Security: Antivirus/anti-malware and firewalls
This blog from the Police Digital Security Centre provides an introduction to antivirus and anti-malware protection.
- How to avoid malware at home and work
This video from Bob’s Business provides tips on how to avoid malware.
- How to stay safe on the internet
This video from Bob’s Business provides tips on how to stay safe online.
- Antivirus extra features
This infographic provides information about the features of antivirus platforms.
- How to turn on your firewall
This resource from the Police Digital Security Centre explains how to turn on a firewall for two common operating systems.
- Malware glossary
The Police Digital Security Centre has published a glossary of common malware terms.
The following resources provide advice on how to work safely from home:
- Top cybersecurity tips for working from home
The Police Digital Security Centre (PDSC) has published 10 cybersecurity tips for working from home, as well as advice to help businesses spot coronavirus-related phishing emails.
- Security tips for closed business premises
Secured by Design, the Police Digital Security Centre and the National Counter Terrorism Security Office have put together a leaflet containing the top 10 security tips for closed business premises.
- Securing conference calls
The Police Digital Security Centre (PDSC) has published a blog about the steps businesses and the self-employed can take to secure live conference calls.
There are lots of steps businesses can take to manage information and technology risks. The following resources provide a starting point:
- Managing your information risk
The National Cyber Security Centre has produced an infographic to help businesses and the self-employed understand how to approach, assess and manage information and technology risks.
- Small Business Guide: Response and recovery
The National Cyber Security Centre has published a short guide to help small and medium-sized organisations prepare their response to and plan their recovery from a cyber incident. The guide sets out five practical and low-cost steps businesses can take.
Good data management can help prevent a breach or cyberattack. The following resources provide advice on how to manage data:
- Managing a breach
The Police Digital Security Centre has published a blog about how to manage a breach or cyber attack.
- Data backup
This blog provides advice on how to protect company data.
- Backing up your data
The Police Digital Security Centre has pulled together top tips for backing up your data.
- Backup options
The factsheet helps businesses identify the best backup option for their organisation.
- Cloud computing
This factsheet provides an introduction to cloud computing.
- What is BYOD?
This video provides an introduction to bring your own device (BYOD).
- Mitigating the risks of BYOD
Watch this video for tips on how to mitigate the risks of BYOD.
It’s important to use social media and third-party apps safely. The Police Digital Security Centre has published a number of resources to help businesses and employees manage their privacy settings on social media sites, including:
The Police Digital Security Centre has also published advice about how to download and use third-party adds.
Setting secure passwords is a practical and cost-effective way to strengthen your cybers resilience. The following resources provide advice on secure passwords:
- Password Policy: Advice for system owners
The National Cyber Security Centre has published an infographic on setting a password policy.
- Strong and weak passwords
The Police Digital Security Centre has published some examples of strong and weak passwords.
- GCA Cybersecurity Toolkit
The GCA Cybersecurity Toolkit includes practical resources and videos about how to set strong passwords.
An up to date operating system can help protect your devices from cyber risks. The following resources provide having on updating operating systems:
An effective incident response strategy supports businesses and the self-employed to respond to a cyber attack or breach. The following resources provide advice and information to help strengthen your incident response activities:
- Cyber Protection: Preventing business paralysis
This blog from the Police Digital Security Centre discusses the importance of cyber insurance.
- Exercise in a Box
This online toolkit from the National Cyber Security Centre helps organisations to find out how resilient they are to cyber-attacks and practice their response in a controlled environment.
- Would you be ready?
This online quiz from Business in the Community helps businesses to assess how ready they are to respond to a business interruption, such as a cyber attack.
- Cybersecurity products and services
The National Cyber Security Centre provides a database of certified products and services that help businesses to protect and guard against a cyber attack.
- Social Engineering: What to do when a scam is convincing
This blog from the Police Digital Security Centre provides advice about social engineering scams.
Updating your operating systems and software is a simple way to fix and prevent many security issues. It is crucial that updates are installed as soon as possible to prevent cyber criminals from exploiting vulnerabilities and security flaws.
The Police Digital Security Centre has published a step-by-step guide on how to update the most common operating systems:
This video from the Metropolitan Police Service also provides advice on why it’s important to keep software up to date:
Browse our library of support for more tips and advice to help you work safely during COVID-19. We cover a range of topics to help you identify and prevent common online threats.
Public WiFi can give hackers an opportunity to steal your personal data and login credentials. Therefore, it’s important that businesses and employees take measures to stay safe online when connecting to public WiFi.
The Police Digital Security Centre has published an article with advice on how to use public WiFi hotspots safely. Tips include:
- Avoid logging into any services where you need to provide your username and password.
- Use a Virtual Private Network (VPN) to browse more securely.
- Only use WiFi hotspots that you trust.
- If you think a connection is not secure, use 4G or 5G data instead.
Resources to help you spot and prevent cyberattacks.
Cybersecurity and Preventing Phishing Attacks
Advice and tips on spotting and preventing phishing attacks.
Cybersecurity and Protecting Your Data
Steps to help your business comply with data protection rules.