Cyber Security

A government report last year found that 43% of businesses and 19% of charities had suffered a cyber-attack in the previous twelve months.

These alarming statistics should cause every business and charity to review their cyber-security arrangements.

Email is a routine method of communication nowadays, but you should always be wary of emails containing file attachments or links to websites.

You should be wary too of emails purporting to come from someone you know (even someone within the business) asking you to execute a financial transaction.

It is a simple matter for a fraudster to generate an email that appears to come from within your organisation but which is in fact fake. If you are suspicious, call the purported sender just to make sure the email is genuine.

Strong, frequently changed passwords are a must. Obvious numbers such as 11111 or 12345, dates of birth, family names or pets’ names should be avoided.

Anti-virus software should be installed alongside an effective firewall, security updates should be downloaded regularly and systems regularly scanned. Physical security over computers and mobile devices is also important.

Data should be backed up regularly (the frequency will depend on the size of the business and your appetite for risk, but daily backups are prudent). The backups should be stored securely, off site, so that in the event of a disaster your data will be safe.

Perhaps the single most important thing is to ensure that you have procedures and systems in place and that everyone understands and adheres to them. The threats are always there, so constant vigilance is needed.

Fraudsters know that first thing on a Monday morning or last thing on a Friday afternoon are good times to attack, as are busy times.

And if you think it can’t happen to you, believe me it can. I have met some very switched on people who have fallen – or nearly fallen – victim.   

So, should all this put you off using computers and software in your business? Absolutely not, digital technology has the potential to help you operate your business more efficiently and more profitably, but you should take prudent precautions.

As a first step, have a look at the excellent small business guide on the National Cyber Security Centre website. Putting the advice it contains into practice will help you to avoid falling victim to a potentially costly fraud. It is worth making time to do it today: tomorrow could be a day too late.

Paul Aplin is a tax partner with A C Mole & Sons and President of the Institute of Chartered Accountants in England and Wales; you can follow him on Twitter at @PaulAplinOnTax or email him at