Over the past few months, organisations across the UK have had to rapidly adapt to new ways of working. Many are supporting their staff to work remotely; others have had to close their physical premises and find alternative ways to reach their customers. The ability to operate over the internet has been a lifeline for many, but with this comes cyber security challenges and greater exposure to online harms.
We know that cyber criminals are preying on people’s fears around the pandemic and, while overall levels of cybercrime have remained stable throughout the outbreak, we have seen a growth in coronavirus-related attacks. Other factors, such as the increased numbers of staff working from home, also present opportunities for cyber criminals to exploit.
In my role as director for national resilience and strategy at the National Cyber Security Centre (NCSC), I am responsible for helping organisations across the UK raise their cyber resilience. I realise that there will be many competing demands on businesses at the moment but it is vital to spend some time understanding how to strengthen online defences. As a first step, I would encourage SMEs to familiarise themselves with our Small Business Guide, which offers practical solutions on how to improve cyber security quickly, easily, and at low cost.
We have also recently published tailored guidance for smaller organisations that have or are planning to move their operations online. The “physical to digital” advice is a step-by-step guide that enables users to make the transition securely. It is broken down into six key questions that businesses should consider in order to identify current risks and areas for improvement, ranging from what type of technology is currently used, access to IT support, and the legal and regulatory responsibilities that apply.
As part of the collective management of the coronavirus outbreak, many businesses have encouraged their staff to work from home on a large scale and for a longer period of time than may be usual. It is important that organisations are able securely to set up new accounts and accesses so that staff can log on and communicate from home, and our complementary home working and video conferencing guides have a range of advice to help them do this.
Alongside our support for businesses, we want to equip everyone in the UK with the knowledge that will help protect them online. Our Cyber Aware campaign offers actionable steps that everyone can take to prevent themselves from falling victim to the majority of cyber threats. Taking action to enable two-factor authentication and ensuring apps and software are up to date are effective ways to stay secure. However, the most important thing people can do is have a separate password for their email account, because that really is the key to the kingdom.
While the cyber threat is very real, we believe that by working together the UK can be the safest place to live and do business online, even in these most challenging of times.
Dr Clare Gardiner is director for national resilience and strategy at the National Centre for Cyber Security.