top of page

The best defense is a strong offense

It’s been fantastic to see the success of Wrexham Football Club this season, which culminated in a return to the football league and an open-top bus parade through the city to celebrate. Obviously, their Hollywood owners, Rob McElhenney and Ryan Reynolds along with their ‘Welcome to Wrexham’ documentary show, have had a real impact on the club.

I was recently in Wrexham on match night and there was a real buzz around the city. That success has also been a welcome boost to the hospitality sector in the area, with the increased numbers of visitors to the city and surrounding attractions.

As a small business in the hospitality sector, it is understandable that the focus will be on generating revenue, especially against the backdrop of the cost-of-living crisis. The challenge of dealing with not just rising prices, but also potential customers cutting back on spending is significant. So, reviewing your cyber security may not be a priority.

Cyber threats are very real

Many believe that being a small business in a small country makes the likelihood of suffering a cyberattack unlikely but that is not how it works. The cybercriminal will look for vulnerabilities, and if they are there, they will look to exploit them. It doesn’t matter whether you are a hotel in Wrexham, or a restaurant in Solva, or a café in Llanrwst, you can still be victim to cybercrime if you don’t take simple precautions.

The impact this will have on your business can be hugely damaging. Imagine that your website was taken down, or your computers used for bookings were encrypted, or customer data was stolen, or your social media account was hijacked. Many hold personal data, and this is often what the criminal wants to get access to whether to commit fraud or to blackmail you. That is why cyber security should be up there as one of your priorities.

Reducing the risk

The good news is that you can take simple steps to significantly reduce your vulnerability to a cyberattack. It doesn’t need to be technical so forget the word ‘cyber’ and just view this as basic security measures, much as you do having a lock on a door, or an alarm system. Let’s start with a few basic points:

· What have you got in place to protect your most important accounts? We recommend a strong password using three random words, in conjunction with two-factor authentication.

· Will you and your staff recognise a phishing email? There was a time when these were easily recognisable, but today they can be extremely sophisticated and look like they are from someone you can’t ignore, such as HMRC. Make sure you know the tell-tale signs, and remember we are seeing more and more Welsh language phishing emails!

· Where are you storing your data and what have you got in place to protect it? Make a backup of your most important data, and ensure the backup is disconnected from your network or device.

· Review and understand your obligations regarding the various privacy laws regulating your customer relationships.

· Test your security. For example, are there any vulnerabilities on your website? It is surprising how often there are!

These are all things the WCRC can help you with and the membership we offer is free.


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for Wales is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for Wales provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for Wales does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for Wales is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page