COVID-19 Notice: Thomas Carroll remain committed to putting our clients at the forefront of what we do. We are fully operational at home so that we can continue to provide the same quality service that you normally enjoy from our team. Please click here for our COVID-19 risk management updates and advice hub.

If you’re in business, we have produced a number of guides, checklists and templates to help with your return to work preparations and ensuring your workplace is safe for your employees in these challenging times.


4 ways small businesses can protect themselves from a cyber attack

11 Apr

Many small businesses think that because they’re not a large firm, they won’t be a target of cybercrime. However, that isn’t the case. A recent study showed that 31% of small businesses in the UK reported a breach or cyber attack in 2018. Despite this, only 15% of small businesses have a formal cyber incident management process, leaving the majority unprepared for an attack.

Although there is no way to guarantee your business’ safety, our 4 tips below will help protect your business and lower your chances of falling victim to cybercrime.

1) Use strong passwords

This one might seem obvious, yet a recent survey found that 23% of the UK population routinely use their name or date of birth as their online passwords and one in ten Brits use the same one or two passwords for all of their online accounts. Encourage your employees to use strong passwords, with lower and uppercase letters, numbers and symbols to make it more difficult for hackers to enter your systems.

2) Look out for suspicious emails

The latest crime survey by the Office of National Statistics showed that email hijacking increased by 35% between September 2017-2018 in England and Wales. Here are a few things to look out for when deciding if an email is fraudulent or not:

  • Check that the sender’s email address is legitimate
  • Hover your mouse (don’t click) over linked text to see if the link looks weird
  • Look out for spelling mistakes and poor grammar
  • Be wary of emails that aren’t addressed to you personally
  • If an email is asking for personal information, such as bank account details, don’t trust it
  • Beware of subject lines that provoke fear, e.g. ‘Your account has been suspended’
  • Check the signature contains legitimate contact details
  • Don’t open email attachments that you weren’t expecting

3) Keep up-to-date with updates

Software and app updates contain important upgrades that keep your devices and information safe. Employees should download updates as soon as they are prompted to and not put them off, to ensure their data is protected.

4) Educate your employees

According to a recent report, 90% of all cyber security breaches are caused by human error. Even the simplest of mistakes, for example leaving your laptop on a train, emailing information to the wrong person or misplacing a memory stick can cause a cyber breach. Therefore, it’s vital that you educate your employees about the steps they can take to reduce the risk of your business falling victim to cybercrime.

For more tips on how to better protect your business and educate your employees on how they can contribute to keeping your company safe, please click here.

What should you do next?

The 2019 UK Cyber Security Breaches Survey found that 31% of small businesses, 60% of medium businesses and 61% of large businesses suffered cyber breaches in the last 12 months. Despite this, many businesses still believe that a cyber attack won’t happen to them.

Although the steps outlined above will mitigate risk, reviewing your commercial insurance portfolio and introducing cyber insurance will help you safeguard your business in the unfortunate event of an attack. Speak to our Cyber Executive, Emma Buckley today on 01792 704317 or at to discuss a bespoke digital and data policy for your business.