General

Cop 26 Climate Conference will be taking place in Glasgow at the end of October. This event will undoubtedly attract lots of attention and that could include individuals with malicious intent, both in person and online.

Cyber criminals take advantage of the opportunities offered online to meet their gains, be it for profit, reputational damage or to cause harm.

All organisations and events, regardless of profile and size, are at risk from commodity attacks. These attacks exploit basic vulnerabilities using readily available hacking tools. Businesses should be aware of the potential threat from cyber criminals.

You can help prepare your small business or charity from the most common cyber threats by putting some basics cyber steps in place.

Advice to help protect your business or charity, whether you’re based in Glasgow or across Scotland.

Learn how to protect yourself or your small business online with the Cyber Aware Action Plan. Answer a few questions on topics like passwords and two-factor authentication, and get a free personalised list of actions that will help you improve your cyber security.

In partnership with Police Scotland, Scottish Business Resilience Centre produced an introductory guide to cyber security with steps to protect your data and devices as well as sign posting to useful sources of information.  Cyber Security advice for businesses and charities.

The most effective actions to keep your organisation safe online

A good start is taking a look at the National Cyber Security Centre’s (NCSC) Small Business Guide and Small Charity Guide. Following the five quick and easy steps outlined in the guide below could save time, money and even your business’s reputation.

The guide includes 5 steps:

• Backing up your data
• Protecting your organisation from malware
• Keeping your smartphones (and tablets) safe
• Using passwords to protect your data
• Avoiding phishing attacks

Small Business Guide Infographic

By ensuring you have strong passwords on your accounts, and making sure your applications and software are up to date, can help keep your devices secure.

This guide can’t guarantee protection from all types of cyber attack, but the steps outlined below can significantly reduce the chances of your business becoming a victim of cyber crime.

If you want to improve your cyber security further, then you can seek certification under the Cyber Essentials scheme.

Be on the lookout for phishing emails

Phishing emails that are pretending to be well-known brands are becoming harder to spot. These are fake emails or text messages that look like the real thing but are malicious. The criminal will try to convince you to click on links within their message that could lead to a virus being downloaded on to your computer or persuade you to reveal personal, sensitive or financial information.

• Never click on links in an unexpected email or text message. You can verify requests by visiting the organisation’s website directly or checking your online account. 
• Be aware of potential emails looking for personal or security information.
• Blog on spotting the tell-tale signs of a phishing attack and Dealing with targeted phishing emails
• Phishing emails can be reported to the National Cyber Security Centre by forwarding these to [email protected]
• Suspicious text messages should be forwarded to 7726. This free-of-charge short code enables your provider to investigate the origin of the text and take action, if found to be malicious.

Cybercrime can take many forms. By understanding the types of attacks and stages involved can help you better defend yourself.

Incident Response Planning

This is an ideal time for you to review your business continuity and incident response plans to ensure you are prepared to continue to deliver services at an acceptable level despite potential disruption.

CyberScotland Partnership have produced a Cyber Incident Response Pack which covers the main steps towards cyber resilience and helps you prepare your response in a structured and managed way. This pack includes an introduction to IR planning, a ‘prepare your business checklist’ and an ‘emergency contact list template’, as well as really helpful advice on reputation management and legal responsibilities during an incident.

Watch our webinar where we will talk you through these documents and how these can help your business prepare for dealing with a cyber incident.

Useful links

• Get Ready Glasgow – https://www.getreadyglasgow.com/cop26 A website to help businesses in the city prepare for COP 26. It covers areas including safety, security, traffic and transport and how you can get involved. They have also produced a Business Ready Guide.
• Transport Scotland – https://www.transport.gov.scot/COP26
• Police Scotland – https://www.scotland.police.uk/advice-and-information/
• Scottish Business Resilience Centre – Cop 26 Digital Information Hub for business which provides information and resources to keep organisations secure. https://www.sbrcentre.co.uk/community-membership/cop26-3
• Organisations looking for advice and support can call the Cyber Incident Response Helpline on 01786 437 472 (weekdays 9am-5pm)
• National Cyber Security Centre – https://www.ncsc.gov.uk/ provides guidance on a range of cyber security topics.

Should you fall victim to any criminal activity, please report the matter to Police Scotland as soon as possible using the non-emergency number 101.

More information to on how protect your business online can be found across the CyberScotland website.