Skip to content
LegalVision UK

How to Protect Your Company Against Cybercrime in the UK

Avatar photo

By Thomas Sutherland

Updated on
Reading time: 5 minutes

Meets editorial guidelines

This article meets our strict editorial principles. Our lawyers, experienced writers and legally trained editorial team put every effort into ensuring the information published on our website is accurate. We encourage you to seek independent legal advice. Learn more.

Follow us on LinkedIn
Table of Contents

Your business must know how to protect the valuable data your company possesses. Unfortunately, over the last 12 months, there has been a marked increase in cyber attacks on UK businesses. The relevant figures show that cyber attackers are targeting large companies and small businesses alike. This article aims to inform you of the nature of cyber threats, so your company can strive to guard itself against cybercrime.  

Why is Cybercrime on the Rise?

The COVID-19 pandemic provided the perfect conditions for cyber attacks. This is because nearly all businesses have had to work remotely. Unfortunately, remote work is often a weak entrance within a company’s IT network. By allowing remote access to employees, you may also inadvertently allow remote access for hackers.

What Information Do Cyber Attackers Want?

There are two primary forms of cyber attack: 

  • ransomware; and
  • security breach. 

Ransomware attacks involve an attacker locking the user out of their computer system. The attacker does so to demand a financial payment to return access to the system. Unfortunately, the average cost of these ransom demands is very high. Furthermore, there is no guarantee that the attacker does not retain a copy of the information for themselves. 

The second main form of cyber attack involves cyber security breaches. This attempts to ‘farm’ sensitive data from your business, including passwords, usernames, employee information and bank account details. Cyber security breaches aim to steal money and critical data from your company. 

Alongside fraudulent access to your bank accounts, there is a heightened risk of attackers using sensitive information about your staff, such as their date of birth and national insurance numbers, to commit identity theft.

Continue reading this article below the form
Need legal advice?
Call 0808 196 8584 for urgent assistance.
Otherwise, complete this form and we will contact you within one business day.

Preventing Cybercrime

The National Cyber Security Centre (NCSC) aims to provide UK businesses with written guidance on managing cyber risks. The NCSC website is a handy reference point for your business. Additionally, your company can increase its cyber resilience by performing the following steps.

Staff Training

Train your staff regularly about safe cyber security, such as avoiding suspicious links or unexpected emails. It is good practice to ensure that staff receive security training yearly.

Anti-Virus Software

Your business should use up-to-date antivirus software and safe staff identification methods, such as requiring smartphone fingerprints to permit remote access. If staff regularly use their own devices to access your system, you can put a written policy in place setting requirements on employee access.

Update Operating Systems

It is essential you regularly update your computer operating system. The NHS was negatively affected by the WannaCry ransomware attack in 2017 due to not updating its Windows operating system. Microsoft regularly updates their most recent Windows platforms with security patches to avoid cyber weakness, and your company should ensure its network is regularly updated. Apple does the same with their Mac operating systems, which also receive security updates;

Strong Passwords

Ensure staff use lengthy, complex passwords. Many data breaches start through exploiting a weak password, such as ‘password’, ‘admin’ or ‘1234’. A good password uses a mixture of upper and lowercase letters, numbers and symbols (such as ‘mYstronGp@55word!!’).

Cyber Insurance

Consider taking out cyber insurance cover within your business insurance plan. This form of insurance can potentially cover your business for financial loss caused by cyber-attacks. However, most insurers require your company to practice competent cyber security as a cover condition.

Key Takeaways

Over the last 12 months, many UK organisations have suffered repeated cyber attacks. Thankfully, robust antivirus software and system security can prevent most attacks.  However, it only takes one employee opening a virus-ridden email to put all of your company’s sensitive data at risk. One way of protecting your business from ransomware, for example, is to regularly back up your information onto an external server or storage device.  This means that your company could potentially reload its information onto a clean system (rather than pay a ransom). In addition, your business can implement policies such as staff training, updating operating systems and taking out cyber insurance.

If you need help with data protection security and guarding your business against cybercrime, our experienced Data, Privacy and IT lawyers can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on 0808 196 8584 or visit our membership page.

Frequently Asked Questions

What types of security does the NCSC help my organisation with?

The NCSC website provides guidance on ransomware, phishing, device management, malware and operational security. It also provides advice on strong password use and protection of sensitive data.

What is ‘phishing’?

Phishing is sending your business a fake email or text message that looks like it came from another party, such as your bank or a delivery company. They aim to get you to click on virus-ridden links within the message or enter bank details into a fake website.

Register for our free webinars

Sweat Equity: Helping Your Startup Grow

Online
Discover how sweat equity can support your startup’s growth. Register for our free webinar today.
Register Now

Selling a Business: Tips for a Successful Sale

Online
Selling your business? Learn essential tips to reduce risk and achieve a successful sale. Register for our free webinar today.
Register Now

How to Recover Unpaid Debts from Customers and Suppliers

Online
Struggling with unpaid debts? Discover your options. Register for our free webinar today.
Register Now

Preventing Employee Competitors: How to Protect Your Business

Online
Learn how to protect your business from employee competitors. Register for our free webinar today.
Register Now
See more webinars >
Thomas Sutherland

Thomas Sutherland

Read all articles by Thomas

About LegalVision

LegalVision is an innovative commercial law firm that provides businesses with affordable, unlimited and ongoing legal assistance through our membership. We operate in Australia, the United Kingdom and New Zealand.

Learn more

Related articles

Does My Business Need a Cybersecurity Policy?

Five Common Cybersecurity Myths for Companies in England

Five GDPR-Related Cybersecurity Mistakes Business Owners Make in the UK

Six Cyber Security Tips for Your Company in England

We’re an award-winning law firm

  • Award

    2024 Law Company of the Year Finalist - The Lawyer Awards

  • Award

    2024 Law Firm of the Year Finalist - Modern Law Private Client Awards

  • Award

    2023 Economic Innovator of the Year Finalist - The Spectator

  • Award

    2023 Law Company of the Year Finalist - The Lawyer Awards

  • Award

    2023 Future of Legal Services Innovation - Legal Innovation Awards