ICAEW.com works better with JavaScript enabled.

Cybersecurity: building a business plan of action

26 February 2021: The National Cyber Security Centre has launched a new tool to help businesses access relevant cybersecurity guidance and tackle the growing threat of cybercrime.

Over the past year, businesses in the UK have adjusted to new ways of working and are using the internet more than ever before. According to a report from the Centre for Economic Performance, more than 60% of businesses are using new technologies since the beginning of the pandemic. This is happening in almost all industries – including accounting. 

The increased use of email, online payments and collaboration software has brought great benefits to the finance and accounting sector, but it does come with risks. Early in the coronavirus pandemic last year, the National Cyber Security Centre (NCSC) published guidance for businesses on securely making the transition to organisation-wide home working.

Knowing which measures to take to improve a business’s cybersecurity isn’t always straightforward. There is a lot of information available and sifting through this to find relevant guidance can take a lot of time and effort.

To assist with this, the NCSC has launched a new tool that will help businesses access relevant cybersecurity guidance. Sarah Lyons, Deputy Director for Economy & Society at the NCSC, told ICAEW Insights that after responding to questions on their current IT practices in the new Cyber Action Plan, respondents will receive tailored advice on how to improve their cybersecurity, based on the responses given.

“For accountants, and business owners more widely, cybersecurity should be a priority and I’d strongly recommend visiting cyberaware.gov.uk,” said Lyons. “We would encourage them to familiarise themselves with the site’s guidance and test themselves against the Cyber Action Plan.

“It will only take a few minutes to enter the information and it’s free – but it might just provide the priceless knowledge needed to better protect them and their businesses from cybercriminals.”

Take Cyber action

The Cyber Action Plan recommendations stem from the six practical, actionable steps from the technical experts at the NCSC that protect businesses from the majority of online crime: 

  1. Use a strong and separate password for your email
  2. Create strong passwords using 3 random words
  3. Save your passwords in your browser
  4. Turn on two-factor authentication (2 FA)
  5. Update your devices and apps
  6. Back up your data

The behaviours underpin the cross-government Cyber Aware campaign and businesses may hear NCSC radio advertisements in March urging businesses to use the Cyber Action Plan. 

Further resources: