Freely subscribe to our NEWSLETTER

Here is the full story: https://www.ncsc.gov.uk/news/cyber-aware-action-plan

The comment from Richard Hughes, Head of Technical Cyber Security at A&O IT Group:

“The "Cyber Action Plan" from NCSC is a great first step to get sole traders and SMEs thinking and hopefully acting to ensure they are meeting the most basic requirements to reduce the risk of them from becoming the low hanging fruit for cybercriminals. The creation of a tailored action plan involves a short questionnaire that takes around 5 minutes and I would certainly recommend anybody running a small business to take a moment to complete this. There is no need to register or provide any personal details and the questions are straight forward covering areas such as password strength, backups and software updates. The action plan then provides sensible advice and in some cases step by step instructions to remediate perceived issues. The plan only covers the very basics cybersecurity requirements that security consultants have been preaching for years but hopefully with the planned advertising the message will reach the widest possible audience. Although the action plan is aimed at businesses with fewer than 10 employees, some of these will certainly need to consider a far more in-depth security review than can be provided in 5 minutes as cyber risk is not measured solely by the number of employees in a business. Without complicating what is supposed to be a simple questionnaire I believe there are additional questions that should be included that would indicate that a more detailed assessment may be required one of which could be "Do you have a website?". Advice should also be provided to prevent a false sense of security following the implementation of the provided action plan as despite the fantastic advice which will no doubt improve security the steps will certainly not guarantee a business is secure.”