Free SME cyber security service launched

As the war in Ukraine drags on and sanctions are leaving Russia isolated, Russian hackers are busy attacking Western networks. Recently, cyber criminals hacked payrolls belonging to organisations including Boots, British Airways and BBC. Compromised information included banking details, National Insurance numbers and home addresses. In addition, recent figures show that 48% of small firms and 59% of medium firms identified cyber breaches or attacks in the 12 months leading to July 2022. SME cyber security is more important than ever.

Cyber Action Plan

We’ve already published a helpful article on small business cyber security, as well as others on email security and data theft. One of the key things SMEs need to know is that the National Cyber Security Centre (NCSC) has a remit to help small businesses. One way it does this is via an online publication called Small Business Guide: Cyber Security. This contains lots of useful information, including tips on protecting your organisation from malware, protecting your data and avoiding phishing attacks.

If you haven’t yet read this guide to SME cyber security, we strongly recommend you do so. We’d also recommend visiting the NCSC site to create a free cyber action plan.

Hands-on tools for SME cyber security

The NCSC has now launched a new, interactive service to help improve SME cyber security. If you visit this page, you can perform a range of simple checks that can identify common vulnerabilities in your public-facing IT. The checks are remote – you can complete them using your browser and you don’t need to install any software.

What are the new SME cyber security checks?

The first check allows you to check whether your IP address and website have any common weaknesses that could let criminals access your networks or devices.

As you can see, the check is very simple. The system automatically detects your IP address (although you can add a different one manually). You can also add your company’s domain, which in our case is thp.co.uk.

(You’ll note that we’ve blanked out our IP address).

When you submit the form, you’ll hopefully get a screen like this. You’ll see that no vulnerabilities were found. You also learn that the system checks for database servers, remote access methods, file shares and administrative interfaces.

Web browser check

The second service that’s available is a web browser check. The more out-of-date your browser is, the more vulnerable it is to hacking. That’s why it’s important to update every browser you use as soon as you can.

All you have to do is visit this link to check your browser. You’ll get a screen that looks like this.

If, like me, you haven’t updated your browser, you’ll get a screen like this one.

Then you’ll get advice on how to update your browser (I’ve done this now). You can also set an email reminder to check your cyber security every 28 days.

Upcoming SME cyber security service

The NCSC will soon be launching an ‘Email Security’ service that will allow you to check if your email domain has good practice protections in place. It will help you discover how secure your emails are and whether they are hard for criminals to forge.

Summary

SME cyber security is increasingly important. The new tools from the NCSC are basic, but they are helpful if you are not an IT expert and want to check the security of your domains, IP addresses and web browsers. We’re interested to see how the new email security check will work.

Given that the average cost of a cyber breach is £11,000, it’s worth paying attention to cyber security. You don’t want to make a hole like that in your accounts!