ICAEW.com works better with JavaScript enabled.

Cyber security

Cybercrime and threats to computer systems have become a major concern of businesses around the world. Our growing reliance on IT and the internet has greatly increased the impact of hacking, security failures and the loss of systems. At the same time, cyber attackers have become more sophisticated and organised. How worried should businesses be? And what are the main steps they should be taking? This resource centre provides a focal point for ICAEW members looking for support in managing cyber risks.

In this section

Features and articles

Coronavirus (COVID-19): tech considerations around home working

26 March 2020: coronavirus is forcing many people to work from home to reduce social contact and minimise the associated risk of transmitting the disease. Technology is key to helping people work at home, so what are some of the things to consider when setting up and managing home working for your staff over the coming weeks and months? 

Coronavirus guide: cyber hygiene and data

Criminals thrive in times of uncertainty and fear, and the UK’s National Cyber Security Centre (NCSC) has already reported an increase in cyber threats which refer directly to the coronavirus. This guide outlines the key steps to basic cyber hygiene and highlights some useful resources.

ICAEW Know-How: Personal data breaches

The Data Protection Act 2018 (DPA 2018) came into force on 25 May 2018 to replace the Data Protection Act 1998. It sits alongside the General Data Protection Regulation (GDPR). This guide is part of a series that explain some of the new or more difficult concepts introduced by the DPA 2018 and the GDPR.

Cyber attack response plan

This guide provides an overview of a cyber attack response plan. Organisations of all sizes and types should download this plan today in readiness for when a cyber incident takes place. This will help reduce your business risk and improve business resiliency.

Standards and regulations

Cyber Essentials Accreditation

Cyber Essentials is a Government-backed and industry supported scheme to guide businesses in protecting themselves against cyber threats. Certification against this scheme is increasingly required for any company bidding for government contracts and sometimes their supply chain too.

An essential guide to security standards

Navigating the expanding landscape of information security standards can be a challenge. So if you don’t know your PCI DSS from your ISO 27001, Lesley Meall’s at-a-glance guide can help.


The General Data Protection Regulation (GDPR) came into force on 25 May 2018. It applies to everyone trading within the EEA (including UK individuals and organisations).

Finance in a digital world

Finance in a Digital World

ICAEW is collaborating with Deloitte to ensure its members and students have the knowledge and skills to take advantage of the opportunities offered by the fourth industrial revolution and to meet its challenges head on. Log-in to access exclusive content, including: eLearning, webinars and bite-sized summaries on individual technologies and the broader impact of digital technologies on finance.

Webinars and recordings

Building your cybersecurity defences

Stuart Jubb, MD of Consulting at Crossword Cybersecurity, and Nikki Cole, an experienced Non-Executive Director, discuss the processes that Boards should have in place to manage their cybersecurity risks.

Cybercrime and GDPR in the Manufacturing Sector

Dr Jane Berney, Business Law manager at the ICAEW and Professor Jim Gee, Head of the Forensic and Counter Fraud Services Team discuss cybercrime and GDPR in the manufacturing sector

Securing your data and enabling clients to secure theirs

In this webinar, cyber security expert George Quigley, offers advice on how practitioners can keep their own data secure, plus what advice and services they could offer to their clients to help them keep their data secure.

The Library & Information Service provides a hand-picked collection of industry press articles as a benefit of membership. If you are unable to access an article, please see our Help and support or contact library@icaew.com

Human factors critical to securing digital transformation

The article offers information on several human factors to secure digital transformations and suggests that sourcing the latest cyber security technology to support digital transformation projects is meaningless if you fail to address your organisational culture and the people in it.

How to mitigate IOT security risks to tap business benefits

Article looks at how security concerns are preventing many businesses from adopting internet of things-based technologies – but with a planning, the business benefits can be realised by mitigating the risk.

Cybercriminals are cashing in

Article looks at the rise in ransonware attacks and organisations paying to release their data and why this can be dangerous.

GDPR one year on: time for real estate to take stock

Real estate businesses need to ensure they are ready to handle a personal GDPR data breach.

Terms of use: You are permitted to access articles subject to the terms of use set by our suppliers and any restrictions imposed by individual publishers. Please see individual supplier pages for full terms of use.

Be cyber aware

Government campaign to raise cyber security awareness. Gives advice on: protecting your device; protecting your data; and protecting your business.

Cyber essentials scheme

Advice from the National Cyber Security Centre to help protect organisations against cyber attacks. There are three levels of engagement , two of which leads to accreditation for certified cyber security.

National Cyber Security Centre

Practical guidance for organisations including 10 steps to cyber security. Also provides information on cyber security threats detected in the UK.

Get safe online

Free expert advice from the Government supported public/private partnership. Personal and business guidance is provided in areas such as hardware, information security, online safety and security, rules, guidelines and procedures, software and ways of work.

ICAEW accepts no responsibility for the content on any site to which a hypertext link from this site exists. The links are provided ‘as is’ with no warranty, express or implied, for the information provided within them. Please see the full copyright and disclaimer notice.

More on this topic

Information security threats and solutions

Information security is the branch of risk management that seeks to manage threats to organisational information. There are of course all kinds of information security risks. They all need to be assessed and businesses need to decide how to treat each one. This guide is solely concerned with the mitigation of information security risk.

Auditing the cloud: Gaining assurance that the service is safe for business

As an auditor you face the challenge of addressing a burgeoning new form of service delivery that is not directly controlled by the organisation that has entrusted their data to the cloud. This helpsheet is intended to assist internal and external auditors to understand the risks associated with moving organisational activities to the cloud and scope a cloud-based services audit.

Developing a BYOD strategy

This guide is aimed primarily at SME organisations that need an overview of what BYOD (Bring Your Own Device) actually is, how it can be used to the organisation’s advantage and how to start developing their own BYOD and mobile strategy for using and managing mobile devices successfully within their business.

Cyber resilience

In an IT world without obvious boundaries, Amar Singh explains how to avoid cybercrime and bounce back after an attack.

Disaster recovery

This article takes a timely look at the importance of IT Continuity Management and its relationship with Business Continuity Management (BCM), its corporate benefits, key business drivers and milestones in the process, the current threats to operations, and the impact it is having on the resilience agenda.

Cyber attack response plan

This guide provides an overview of a cyber attack response plan. Organisations of all sizes and types should download this plan today in readiness for when a cyber incident takes place. This will help reduce your business risk and improve business resiliency.

The essential guide to cyber recovery

How to recover in the event of a data breach. This guide draws on expert insights from our volunteers and members, with some very helpful case studies outlining real life examples – one of which is a ransomware example similar to the scenario above, and where the firm did have a backup.

Cyber security – another view from the top

Kirstin Gillon reports from the second of our roundtable series on cyber security, with guest speaker Ian Livingston, exploring how boards are becoming more engaged in the need to protect their business.

From here to indemnity

With cyber attacks on the rise, the need for businesses to insure against threats is imminent. Arvind Hickman talks to the experts about why prevention is better than cure

Going by the board

In the first of a series of faculty roundtable discussions, information security professionals discuss how boards can help in the fight against cyber risk.

* Some of the content on this web page was provided by the Chartered Accountants’ Trust for Education and Research, a registered charity, which owns the library and operates it for ICAEW.