By Armstrong Watson, Accountants, Business and Financial Advisers

THE National Cyber Security Centre (NCSC) has advised business owners to take action following Russia’s invasion of the Ukraine. With the cyber threat heightened, the NCSC has said that organisations should act on improving their resilience and bolster their online defences.

While the NCSC – which is part of GCHQ – is not aware of any current specific threats to UK organisations, there has been an historical pattern of cyber attacks on Ukraine with international consequences.

The most important thing for organisations of all sizes to do is to make sure that the fundamentals of cyber security are in place to protect devices, networks, and systems, with suggested actions to take as follows:

Check your system patching: Ensure your users’ desktops, laptops and mobile devices are all patched, including third party software such as browsers and office productivity suites. If possible, turn on automatic updates.

Verify access controls: Who has access to your systems and how, passwords, multi-factor authentication, old or unused accounts etc?

Ensure defences are working: Anti-virus software, firewalls, etc.

Logging and monitoring: Ensure systems are up to date.

Review your backups: Are all running correctly, do you have an offline back up?

Incident plan: Make sure you have one and it’s up to date.

Check your internet footprint: Ensure that records of your external internet-facing footprint are correct and up to date.

Phishing response: Are processes in place for staff to report phishing emails?

Third party access: Remove any access that is no longer required and ensure you understand the security practices of your third parties.

NCSC services: Check your CiSP account works to share information of threats and register for the Early Warning service.

Brief your wider organisation: It is essential that the wider business understands the situation and that they are on the lookout for and understand how to report anything suspicious.

Whilst the above provides a broad overview of the actions you can take to help protect your business these shouldn’t just be actioned when the threat level increases as cyberattacks can happen at any time. Our Client Technology partners always advise that you should carry out a yearly cyber ‘health check’ or ‘MOT’ of your systems to ensure the best protection.

For more information contact our Client Technology team at help@armstrongwatson.co.uk or phone 0808 144 5575.