Back in October we launched the Small Business Guide (SBG), our quick and easy-to-understand guidance to help small businesses protect themselves from cyber crime. In the months that followed we collated feedback from small businesses to see how we could improve and grow the SBG.
With the help of our Regional Organised Crime Units – who enthusiastically promoted the guide to small businesses in their regions – the feedback expressed the need for a list of actions to accompany the guide. This would effectively make it a ‘working document’ and give businesses a record of what they have done.
So, we are pleased to announce the launch of the Small Business Guide Actions leaflet. It is the newest supplement to the SBG collection, and is a simple checklist to help businesses identify and document actions required from the SBG.
The checklist comprises 3 sections, shaped around the workflow of a business. This should help business owners identify who in their organisation is best placed to take ownership of these actions, and to help them understand what part of their business processes each action falls into.
Completion of the checklist does not give you any form of cyber security certification; if you’re looking to improve their cyber security further, you should seek certification under the Cyber Essentials scheme. However, implementing the actions can significantly reduce the chances of you becoming a victim of cyber crime.
We recently conducted a survey with small businesses who were early adopters of the actions list. These businesses stated that – like health and safety – the action list’s accessible and compact format means it can be integrated into their normal workflow. The modular design allows them to pick out parts to implement, as and when they have time. The businesses described the actions list as ‘easy to read and understand’ and ‘comprehensive and practical’.
We hope you find the list useful within your organisations and, as ever, we look forward to hearing more of your feedback.
SME Regional Engagement Lead
Source: National Cyber Security Centre