To paraphrase the Christmas song “It’s the most vulnerable time of the year.” Cyber criminals don’t take a holiday, so your chances of being a victim of a cyber attack can increase.  

Christmas holidays are a prime time for criminals to take advantage of. At this time of year, organisations will start to close and will be running with a heavily reduced staff count which can make organisations vulnerable. Malicious cyber actors have often taken advantage of holidays and weekends to attack and disrupt critical networks and systems belonging to organisations, businesses, and critical infrastructure.

Does your current security strategy include a plan for cyber attacks during the holidays?

The benefits of having a business community plan are undeniable. When disaster strikes, getting business operations back up and running quickly is crucial. No business is immune to potential threats, no matter how big or small your organisation is.

Make sure you have taken all the necessary steps to secure your IT infrastructure ahead of time. From protecting your website, safeguarding your customer details to training your staff it’s time to take a closer look at your organisation’s cyber security.

Take the time now to review your business continuity plan and know where you can seek advice and support should you need it.

Developing a plan

A Cyber Incident Response Plan is a set of instructions that are designed to help you prepare, detect, respond and recover from cyber incidents. Having a plan will outline the recovery process, so that everyone knows what is required of them during an incident. Each department in your organisation should understand the incident response procedure.

Our Cyber Incident Response Pack is an easy-to-follow guide to setting up a cyber incident response plan for your business. It has checklists, action plans, and template documents that you can use today. This will help you identify and prioritise your company’s most valuable assets and links to advice to help you keep them secure.

Regular back-ups

Ransomware has been a growing cyber security threat, and one which could affect any organisation that does not have appropriate defences. Ransomware is a type of malware that prevents you from accessing your computer (or the data that is stored on it). The computer itself may become locked, or the data on it might be stolen, deleted or encrypted.

You should perform a regular back-up of your systems and data, which will enable quick restoration of business functions. Importantly, having offline versions of your backups is your best defence, as you can wipe any encrypted devices and restore from your offline back up. Read the NCSC’s blog on offline backups for more advice and how to defend your organisation from potential malware and ransomware attacks.

Keep all software up to date

All sorts of electronic devices can hold personal or financial data so it’s important to make sure you secure these devices with strong passwords and update the software regularly.

Companies fix any weaknesses by releasing updates. You should always make sure to install the latest software updates to protect your devices from vulnerabilities. Take some time to review your security settings on all your devices and make sure you’re protected against the latest threats.

Small Business Guide

The NCSC’s Small Business Guide and Small Charity Guide includes simple steps you can take to protect yourself and your business from cyber security risks. Doing these steps will significantly increase your protection from the most common types of cyber crime.

By proactively addressing the cyber security in your organisation, you can enjoy the holidays knowing you have minimized any potential risks.

Who to contact for support

Organisations looking for support and advice can call the free Cyber Incident Response Helpline. This helpline can support organisations that have been a victim of an attack and provide expert guidance to get back to secure operations.

Call the helpline on: 0800 1670 623

You can report cyber crime to Police Scotland by phoning 101

Back to top of the page