Cyber resilience case study: A view from the front

Updated: Oct 26

The sole reason the Cyber Resilience Centre for Wales (WCRC) exists is to help businesses and organisations across the country become safer online and increase awareness about the pitfalls of being digitally connected.


Adding value, not costs is the approach we take to ensure that cyber security is accessible to the greater good and we offer free core membership to enable business owners and decision makers of start-ups, SMEs, established companies and charitable organisations to safeguard their places of work against online intruders.


Members receive a variety of resources, guidance and regular cyber updates, which are practical, simple and effective. But don’t just take our word for it, we’d like to introduce you to Anthony Ernest, MD of a family-run property maintenance business in the Cardiff area, and the very first core member of the WCRC. Read on to learn about his cyber resilience experience with us to date.





Taking the initiative


“Like many SMEs, we rely on a small network of computers and devices to run our business. Recently, we’ve picked up on press reports about cybercrime affecting businesses and had been a bit concerned about a number of unwanted emails which made it through our spam filters. This prompted us to look at our cyber resilience measures.


We were first alerted to the Cyber Resilience Centre for Wales through an article in a Welsh business magazine and decided to sign up there and then to the scheme. We joined the free core membership package – but additional packages are there for larger businesses and corporates with greater requirements.


The process


Signing up via the website took a minute or two, and within 24 hours we were contacted by WCRC Client Relationship Manager Keira, who efficiently ran through a couple of essentials with me and arranged a follow-up online meeting with the centre’s Head of Cyber and Innovation, Detective Inspector Mike Preston who spent a considerable time discussing our concerns and talking us through guidance provided by the National Cyber Security Centre.


Cyber security doesn’t mean complex


Following this very helpful meeting, we are now carrying out the several recommendations offered. I altered our backup process and ensured that our backups are not connected to our network. This means that we are now better protected against risks posed by ransomware attacks – instances where hackers encrypt company data and threaten to delete it unless a ransom is paid.


A good feature of our core membership is the monthly newsletter we receive. It contains tips, direction, and it reinforces the guidance provided by the National Cyber Security Centre.


One measure that I am keen to promote is the forwarding of suspicious emails to Action Fraud by sending them on to report@phishing.gov.uk. I highly recommend this to all businesses, as every scammer taken down benefits us all in the end. Another measure I’m keen to champion to businesses is the use of strong passwords. We use a password manager which helps to generate and remember complex passwords for applications that are essential to our company.


We cannot recommend joining the WCRC too highly – it provides comprehensive tools and guidance on cyber resilience and is a good source of guidance and support if anything drastic should occur.”


If you would like to speak with a member of the WCRC about cyber security requirements for your business, please get in touch to arrange a chat.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for Wales is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for Wales provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for Wales does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for Wales is not responsible for the content of external internet sites that link to this site or which are linked from it.