NCSC's advice and guidance is geared towards helping all organisations – however small – to help themselves. This includes voluntary groups, schools and charities as well as local and large national businesses of all kinds.
Firstly, if you think your organisation has been a victim of online crime, get in touch with Action Fraud, the national fraud and cyber crime reporting centre run by the police. The Action Fraud website also has information to help you understand different types of online fraud and how to spot them before they cause any damage.
To protect your organisation’s networks and data, follow the government’s advice at cyberaware.gov.uk. You’ll find easy-to-follow information on how to set up and follow good IT policies (including compliance with the Data Protection Act), as well as how to configure your networks to make them more secure. There’s guidance on how to sell securely online and tips on how to spot common scams. More free expert advice is available at getsafeonline.org, with detailed step-by-step guides to all aspects of operating online, including legal compliance, certification and information security.
All organisations are encouraged to follow the free guidance in the government’s Cyber Essentials scheme (to download the documents click here). By focusing on basic cyber hygiene, your organisation will be better protected from the most common threats. If you implement all the criteria for good basic cyber-security practice, you can apply for the Cyber Essentials badge, which demonstrates that your organisation meets government-endorsed standards (and is essential for winning certain government contracts).
NCSC’s own published guidance can help organisations to help themselves – 10 Steps to Cyber Security is a good starting point, and other useful documents are linked from the ‘Guidance’ section of this website. NCSC can’t have a direct relationship with every organisation in the UK, but we work closely with other government departments, industry regulators and interest groups to ensure organisations have access to good advice and the support and resources they need.
Any significant new cyber incidents or threats that require action by UK organisations are highlighted on the NCSC website, along with advice on what steps to take. In addition, all UK-registered companies or legal entities are eligible to apply to join the Cyber-Security Information Sharing Partnership (CISP). CISP is a free online platform with more than 2000 members, who share threat information and receive updates from industry and government analysts. For more information on CISP, click here. The Department for Business, Energy & Industrial Strategy have also produced a cyber security guide for small businesses www.gov.uk/government/publications/cyber-security-what-small-businesses-need-to-know .