top of page

Celebrating Small Business Saturday: How to stay cyber safe every day of the week

Updated: Dec 2, 2022

This weekend (3 December) marks the 10th anniversary of Small Business Saturday. The campaign has been growing consistently over the last decade and its message to encourage communities to shop locally resonates even more at present, as many try their best to navigate turbulent economic challenges.

The Cyber Resilience Centre for Wales (WCRC) itself is a small business which has been set up as a not-for-profit organisation and is a policing, private sector and academia partnership. Our aim is to help small businesses across Wales increase their cyber security awareness and to improve their protection against the real threat of cybercrime.

We understand that running a small business comes with many pressures and understandably sometimes things fall to the bottom of the pile. Cyber security best practice often becomes a lesser priority and unfortunately there’s a misconception that cybercriminals have no interest in restaurants in Flint, a pet shop in Builth Wells, the podiatrist in Neath or the landscaping company in Tregaron.

If you use anything digital to operate your business whether that’s email, online banking, social media, accountancy package, etc to operate your business, then cyber risks apply to you, too.

UK Government data reveals the average cost of a successful cyber-attack on a small business is £4,200 and 36% of small companies have experienced an incident in the last 12 months. It’s most certainly time to get the basics in place and we some have easy, cost-free suggestions for better cyber safety.

1. Make sure your passwords are different for every login – guidance from the National Cyber Security Centre (NCSC) recommends using three random words to create strong, unique passwords. Use a password manager which will remember them for you and for safe keeping. No more writing them down on a post-it note stuck to your screen. Change all default passwords too on any new equipment

2. Back up your irreplaceable data regularly - use cloud-based storage or an external hard drive that isn’t permanently connected to your network

3. Protect against malware (malicious software) – this is where a virus can affect your business. Anti-virus protection, with auto-updates installed will help keep threats at bay. Make sure all IT equipment, software, devices and apps are all up to date too

4. Switch on multi-factor authentication - also known as two-factor authentication, this is an added layer of protection when signing into accounts. A verification code is sent to you – this can be via email, text or an authenticator app – to verify if you’re the intended user of the account that is trying to be accessed

5. Sign up for free core membership – we will help you understand some of the most common types of cybercrime and how they happen. Membership packs include national guidance from the NCSC including the Small Business Guide, additional resources, toolkits, regular cyber updates, tips and much more.

Being cyber aware has never been more important and we have removed the jargon and other barriers that put small business owners and decision makers off from implementing basic levels of protection. If you could do with any kind of cyber-related assistance, we’re here to help. There’s no such thing as a silly question, so please don’t hesitate to contact our team.


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for Wales is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for Wales provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for Wales does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for Wales is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page