Cyber attacks are an unfortunate reality for many businesses, but armed with knowledge and support, the risks and damage can be limited.

The National Cyber Security Centre’s (NCSC) new Response & Recovery guide provides a 5-point plan to help businesses prepare for and deal with a cyber-attack.

The steps covered are:

• Preparing for incidents
• Identifying what’s happening
• Resolving the incident
• Reporting the incident to stakeholders
• Learning from the entire incident

You can view the guide here, while the NCSC has written a blog to accompany it, which you can read here.

The guide is a companion piece to the NCSC’s Small Business Guide.

Report cyber-crime and phishing attempts

Visit the Action Fraud website to report cyber-crime or fraud, or call them on 0300 123 2040.

If you are experiencing a live cyber-attack, call the same number but press 9 on your keypad to escalate your call as a priority.

Get more advice and information on cyber security

• The NCSC’s new Exercise in a Box tool is a cyber security tool that provides exercises based on the main cyber threats and enables users to assess how they would respond to an attack.
• ‘Are you worried about cyber-crime affecting your business?’ – The Thames Valley Cyber Protect Team write about the Cyber Essentials Scheme and the 4Ps of cyber security: Pursue, Protect, Prepare, Prevent
• ‘What to do if you are suffering a live cyber-attack’ - Read Action Fraud’s guide for businesses in the event of a cyber-attack, including how to stop it & secure evidence to aid an investigation.
• ‘Learn how to beat mandate fraud’ - Mandate fraud is one of the most reported frauds in the UK. You can defend your business against it by following some simple tips.
• ‘Buckinghamshire Business First’s close shave with cyber fraud – and what we can all learn from it’ - In 2017 we had a near miss with a cyber fraudster, and it was clear from our experience just how easily any company could fall victim to these scam artists. Read our cautionary tale.

Since this episode, we have encountered further attempts at fraud which we have thwarted thanks to the processes we have in place. We can certainly vouch for both the risks of fraud and the benefits of implementing plans to cope with threats.