Frequently asked questions

A data breach occurs when a company’s cyber security measures are compromised which allows unauthorised access of information. It can be incredibly damaging to a businesses reputation as well as consumers if their information has been taken. Companies are legally required to have measures in place to protect personal data and must notify anyone that may be affected by a possible breach.

Malware is malicious software. Once into a system, malware can cause harm or disruption or steal information. It can get into your system if a user clicks on a link or opens a malicious attachment in an email for example. 

Criminals want to trick you into giving your information to them – this is known as phishing. They're hoping that you’ll click on fake links to sites or open attachments, so they can steal data or install malicious software. Malicious emails account for nearly three quarters of security breaches or attacks. It's often a good idea to pass round screenshots of any phishing emails that have been received by staff to make sure everyone is aware of them and can more easily identify any future suspicious emails.

They should be disposed of securely to ensure that it’s impossible to retrieve any data they hold. You may need to use a professional data disposal service to do this for you.

Storage devices include laptops, smartphones, USB devices, portable storage, servers and digital recorders for example.

The Government has also endorsed a Cyber Essentials scheme. It allows businesses of all sizes to be independently certified for having met a good practice standard in 5 areas of computer security:

  • Boundary firewalls and internet gateways
  • Secure configurations
  • User access controls
  • Malware protection
  • Patch management

If you gain certification it will allow your organisation to advertise that it meets a Government-endorsed standard.

Since October 2014 Cyber Essentials has been mandatory for suppliers of Government contracts which involve handling personal information and providing some ICT products and services. Holding a Cyber Essentials badge enables you to bid for these contracts.

White papers & guides

Documents & other resources

White Papers/Guides

How to access the security certificate on your browser

Website security certificates are important to show that you are on a secure site. We explain how to access the security certificate from various browsers including Chrome and Safari.

White Papers/Guides

Types of Information

There are 3 types of information an organisation may have. We list them here. Keeping this information safe and preventing unauthorised access to it is vital.

White Papers/Guides

Cyber Security Risk Assessment

Here we provide a handy summary of workplace considerations to help minimise the risk of security breaches and data loss.

White Papers/Guides

Dealing with a Ransomware Attack

Understand what you should do if you are subject to a ransomware attack compromising your systems and data, with this printable PDF.

White Papers/Guides

Types of cyber crime

This PDF provides a brief overview of some of the most common types of cybercrime.

White Papers/Guides

10 steps to cyber security

This resource outlines practical steps organisations can take to create an overall cyber security strategy.