Contact Us

A cyber-attack is when an online criminal or state, often known as hackers, gains unauthorised access to a computer system in order to steal, change, expose or destroy information.

To prevent their businesses from being negatively impacted by cybercrime, it’s important that everyone is well prepared and business owners take responsibility for the security of their business and themselves. This guide outlines how small businesses can develop an effective cyber security strategy.

Cyber Threats

There is a wide range of threats which can be deployed by people who wish to do you or your business harm ranging from simple attacks which can be carried out by anyone with a laptop and an internet connection to groups dedicated to this kind of activity who are well organised and funded.

Some common threats include:

Phishing: Fraudulent emails or text messages, which often appear to be from a legitimate company, asking the recipient to send personal information such as passwords and bank details. Phishing is one of the most common methods of cyber-attack used by hackers on businesses.

Malware: Software that gets unauthorised access to a computer and causes harm. Viruses, which infect legitimate software are a common form of malware. Ransomware is another one. This is when a criminal blocks access to data or systems until a ransom is paid.

Denial of service: An attack designed to shut down computer systems so they can’t be accessed by legitimate users by flooding systems with traffic. This is often used as a distraction to overload defences in order to carry out other more destructive attacks.

Cyber security tips

To combat cyber-attacks, there are various actions businesses can take:

Provide employee training

Employees should be trained in cyber security and how to work safely online. They should know how to spot a potential cyber-attack and how to report it should one occur.

For example, staff should be educated in the threats posed by phishing emails. It’s common for criminals to send emails which appear to be from the boss of the company asking employees to make a payment to a bank account. The emails might also ask the recipient to click on a link. Doing so could lead to malware being installed.

Signs of phishing to look out for include bad spelling and grammar, poor quality branding and a veiled threat to act quickly.

Secure passwords

All your devices and online accounts should be protected by complex, unique and secure passwords. Many modern devices also use fingerprint and face recognition which can replace a password.

Avoid using predictable words such as your pet’s name or phrases like ‘password123’ that a criminal could easily guess.

To cut down on the passwords you need to remember, you can use a password manager. This is a tool which stores and creates multiple passwords that you access using one master password.

For important services such as banking and social media, switch on two-factor authentication. This adds an extra layer of security by requiring two methods to verify your identity such as adding your email address and password followed by a code sent to your phone as a text message.

If you suspect a cyber-attack has occurred, you should change your passwords as soon as possible.

Backup your data

You should make sure you regularly backup important business data such as customer details, payment information, documents, emails and photographs. This means you’ll have a copy if your company is attacked.

Backups should be restricted so they are not accessible by employees and not permanently connected to the device holding the original copy. Malware can also infect back up storage devices such as a USB stick.

Keeping backups in a different location, such as using cloud storage solutions, is also recommended. It’s a good idea to regularly test that back-ups are working correctly.

Install antivirus software

Antivirus software plays a key role in preventing cyber-attacks and is one of the easiest ways to protect your business.

You should install anti-virus software from a reputable company on all devices you use.

Run regular scans from your antivirus software and immediately deal with any issues that a scan identifies.

Switch on firewalls

A firewall monitors traffic coming in and out of a computer or network. It acts as a buffer between your systems and external networks, such as the internet, to block threats.

A basic firewall is included with most operating systems, however professional can offer a wider range of protection and assurance.

Use up-to-date software

All software, operating systems and apps should be kept up-to-date with the latest versions from vendors. This ensures you get critical security updates that protect your devices. 

Automatic updates should be switched on where possible and when updates are no longer available because support has been withdrawn by the developer, you should consider replacing it with new software. Businesses still using old versions of Windows which are no longer supported leaves them more vulnerable to cyber-attack.

For more information on this topic, check out the Cybersecurity and Infrastructure Security Agency (CISA) website here.

Date published Jul 29, 2022

This article is intended to inform rather than advise and is based on legislation and practice at the time. Taxpayer’s circumstances do vary and if you feel that the information provided is beneficial it is important that you contact us before implementation. If you take, or do not take action as a result of reading this article, before receiving our written endorsement, we will accept no responsibility for any financial loss incurred.

Sign up for our newsletter

Receive important tax news suitable for business owners and self-employed professionals.

Choose the right accounting firm for you

Running your own business can be challenging so why not let TaxAssist Advisors manage your tax, accounting, bookkeeping and payroll needs? If you are not receiving the service you deserve from your advisor, then perhaps it’s time to make the switch?

Local business focus icon

Local business focus

We specialize in supporting independent businesses. Each TaxAssist Advisor runs their own business, and are passionate about supporting you.

Come and meet us icon

Come and meet us

We enjoy talking to business owners and self-employed professionals who are looking to get the most out of their accounting firm. You can visit us at any of our locations, meet with us online through video call software, or talk to us by telephone.

Switching is simple icon

Switching is simple

Changing accounting firm is easier than you might think. There are no tax implications and you can switch at any time in the year and our team will guide you through the process for a smooth transition.

See how TaxAssist Advisors can help you with a free consultation

Contact us