Introduction from Buckinghamshire Business First

This article is the first in a series from the Thames Valley Police Cyber Protect Team.

Cyber security is a big issue for businesses, and it is important that businesses are thinking and talking about it.

If you are a victim of cyber crime, it is important that you report it to Action Fraud. The cycle of crime only continues if no one talks about it, so talking publicly about your experiences can also help to spread awareness of certain scams and threats, helping to educate others so they don’t also fall victim. These conversations should also take place internally within organisations, particularly with those who have access to sensitive data, or who have the authority to sign off payments.

These articles from Thames Valley Police will inform local businesses of potential threats and provide advice and resources to help them stay safe.

By the Thames Valley Police Cyber Protect Team

Hello and welcome to this new bi-monthly column, aimed at bringing key Cyber Protect messages to SMEs across the Thames Valley area.

What is Cyber Protect?

It is a strand of the UK National Policing's 4Ps (Pursue, Protect, Prepare, Prevent). Cyber Protect is delivered on behalf of the National Police Chiefs' Council, in conjunction with the UK Cyber Security Strategy of 2016.

TVP Cyber Protect helps to safeguard the public and businesses from fraud and cyber crime, reduce demand, and assist victims of crime. Our other aims are to empower our own staff in taking ownership and responsibility for their own digital activities and footprint, thus increasing their personal knowledge and abilities to advise or signpost to additional advice or information.

To help familiarise you with some of the terms we will be using in this and future articles, take a look at the below graphic:

What actions can SMEs take to reduce their online vulnerability and improve their security?

The Cyber Essentials Scheme

Cyber Essentials is a simple but effective Government-backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber-attacks.

Cyber-attacks come in many shapes and sizes, but the vast majority are very basic in nature, carried out by relatively unskilled individuals. They are the digital equivalent of a thief trying your front door to see if it’s unlocked. Our advice is designed to prevent these attacks.

Three levels of engagement

Not everyone has the time or resources needed to develop a full-on cyber security system. So we’ve designed Cyber Essentials to fit with whatever level of commitment you are able to sustain.

There are three levels of engagement, but the simplest is to familiarise yourself with cyber security terminology, gaining enough knowledge to begin securing your IT.

If you need more certainty in your cyber security, you can visit these links for basic or entry level Cyber Essentials certification.

To get a sense of the scale of the problem, take a look at some business-related statistics from the most recent National Cyber Profile (April-September 2018):

Contact the Thames Valley Police Cyber Protect Team

In the coming months we will provide more context and advice to help assist your business. However, if you wish to be provided with more specific information or would like a presentation for your staff or management, please email cyber.protect@thamesvalley.pnn.police.uk.

You can now follow us on Twitter: @TVPCyber_Fraud

You should report Fraud and Cyber Crime to Action Fraud: https://www.actionfraud.police.uk.

One example of fraud: Mandate fraud

Mandate fraud is where someone tricks you into changing details of a direct debit, standing order or bank transfer by pretending to be an organisation you make regular payments to. Examples include a business supplier or a subscription.

It’s a simple but effective fraud and is used a lot. Scammers can easily steal a huge amount of money.

Examples of mandate fraud

Someone contacts your business pretending to be one of your suppliers. They say their bank details have changed so you need to amend their account to reflect this. You make the change.

But the next month the genuine supplier asks what’s happened to your monthly payment. You realise you’ve been a victim of fraud.

Read more about mandate fraud and how to minimise your risk to it on the Thames Valley Police website.

What to do if you are suffering a live cyber attack

Read Action Fraud’s guide for businesses in the event of a live cyber attack, including how to stop it and secure evidence to aid an investigation.