Top five cybersecurity tips Top five cybersecurity tips

In a digitised economy, how prepared are small businesses to face cyber threats?

With the shift towards hybrid-working and changing consumer expectations, a digital offering is a necessity for all modern businesses. This exposes businesses to new risks.

Small businesses are particularly vulnerable. According to the latest government data, 50% of small businesses suffered a cyber breach or attack in the last year, with the average cost of an attack over £10k.

Scroll down to see what small businesses can do to address the bad habits that create vulnerabilities and top tips on how to keep safe.

Top 5 cybersecurity tips

What measures can businesses take to shore up their cybersecurity?

1. Update your systems and software regularly

While you and your business may not have the resources nor manpower to fix vulnerabilities yourself, the big players do. They are constantly identifying and remediating, or ‘patching’, those flaws through software updates.

Therefore, it is important that operating systems, apps, web browsers and other software are updated every few days. You could even set company devices to auto-update.

2. Install basic cybersecurity protections

Another step you can take is to install basic protections like anti-virus, anti-malware software, and a firewall. The former will help scan your devices and files for malicious software, and remove them once identified. The latter will monitor incoming and outgoing network traffic, patrolling it for any suspicious activity.

3. Use multi-factor authentication and practice good password hygiene

Make sure all employees are meeting password best practices, using long, complex and unique passwords across their accounts. Using a password manager is a useful tool to help with this. Equally important, is enabling multi-factor authentication (MFA) wherever possible.

4. Back up your data

To ensure important data is not lost during a cyber-attack, you need to regularly back it up. Even better, you should back your data up on an offline drive. This ensures it can be recovered quickly and reduces the leverage cybercriminals have to blackmail you.

5. Implement security awareness training

To make good cybersecurity practices a habit and part of the company culture, organisations must build a supportive environment where it is okay to ask questions as many cybersecurity attacks succeed because someone was afraid of looking silly.

It is also crucial that continuous cybersecurity training is carried out to address the specific knowledge gaps in your organisation.

Many cybercriminals will frequently leverage people’s heightened emotions (e.g a phishing email that uses fear to push someone to click a malicious link) or risky behaviours (e.g employees who use the same password across accounts), to hack into your systems.

As such, we need to make a conscious effort to educate employees on their role in defending the company as well as empowering them with the knowledge and tools to combat those threats.

Guide to cybersecurity for small businesses

Business are exposed to more risks than ever before. Read our guide to cyber security for small businesses to understand the threats out there and what you can do to mitigate them.

How do people pick their passwords?

According to research, the most common influences are:

  1. People’s names (e.g. children names, fictional characters, friends, celebs)
  2. Randomly generated
  3. Place names (i.e. towns, cities)
  4. Numbers
  5. Animals (pets)
  6. Things/objects
  7. Key calendar dates
  8. Bands/musicians
  9. Sports teams
  10. Food

The names of people we know are revealed as the most common influence for passwords. When deciding on your passwords, it is best to avoid using names of family members or your favourite Harry Potter character as it might put you at greater risk, with the chart to the right showing it’s a pattern of behaviour that can be easily exploited.

Read more articles about cybersecurity

Authorised by the FCA

The FCA supervises UK financial services firms to protect consumers. We are directly authorised and regulated by the FCA and our Firm Reference Number is 656459. These details can be confirmed on the Financial Services Register at or by calling the FCA on 0845 606 1234.

A-rated financial strength

Our insurance products are underwritten by Standard & Poor’s A-rated financial strength or higher. This means the underwriter has been independently assessed by the world’s leading credit rating provider and found to have a strong capacity to meet financial commitments (pay claims).

Protected by the FSCS

If you are a business with an annual turnover under £1m, charity with an annual income under £1m, or trust with net assets under £1m, then you will be entitled to compensation from the FSCS in the unlikely event we cannot meet our obligations. Full details and further information on the scheme are available at