How to keep your small business safe from cyber attacks

Protecting your small business from online threats is a key concern. To learn how to do so, read on for expert advice and tips

Our experts

We are a team of writers, experimenters and researchers providing you with the best advice with zero bias or partiality.
Written and reviewed by:

It’s important to keep your company’s data and online security protected. While it may seem like an issue that only big corporations should be interested in, cyber security should be a primary concern for even the smallest of startups.

In fact, small businesses experience almost 10,000 cyber attacks each day. This is according to research published by the FSB in 2019. 

But how can small business owners secure their online data? What cyber precautions should be taken to protect remote workers? And what cyber challenges could coronavirus pose for startups specifically?

Here, Misah Maragh, senior compliance manager at MVF, explains which cybersecurity measures small businesses can put in place to protect themselves.

How can small businesses manage cyber security, and why?

“Small businesses should ensure that simple technical controls are in place, such as antivirus protections, and simple alert notifications (which you can enable on Google or Outlook). 

“You should also ensure that someone in the business understands information security and can translate the practical tips – such as not clicking on links or downloading attachments from people you do not know – to the rest of the business.”

What can startups do to provide cyber security for staff who are working remotely?

“Comms, comms and more comms. Stay connected with your employee(s) to keep them up to date with some of the cyber risks that they may face when home-working. 

“I find that by making your comms personal to the employee (i.e. not just about protecting the company), it ensures that the message resonates and can be applied easily. If you change the way they handle their own personal data, they will handle the company’s data the same way. 

“Before allowing your staff to work from home, ensure that they have completed information security training, or alternatively, have read your information security policy. Get them to complete a short quiz and record the results. There are a number of off-the-shelf modules you can buy online if you do not have the resources internally to create one yourself.

“At a minimum, download antivirus software protection to help filter out some of the cyber threats. It removes the aspect of human error and adds an additional layer of protection to the business. Advise your employees to shutdown their laptops at the end of the day to allow for any updates.” 

Which cyber security tips would you offer to small businesses during coronavirus specifically?

“Watch out for phishing emails. With more people working from home this is an ideal time for cyber scammers to target individuals. They are using emotive subjects such as tax rebates and charity donations for nurses to get people to click. 

“Take your time when reading emails, verify that you know the person who is emailing you, and finally, don’t click links.” 

Are there any myths about cyber security that you’d like to bust?

“That it is technical and only a space for tech experts. Cyber security is something we all need to understand and can understand. 

“As a compliance professional, translating complex jargon into easy and simple language is important. There are a number of government sites that can help you to do this if you need the content.” 

Describe the state of cyber security in the UK. What are your predictions for it?

“Cyber security is an ongoing war. As individuals move more of their life online it presents significant risks that individuals, businesses, government and ethical hackers need to stay abreast off. 

“It is ever-changing and cyber security options need to be continuously revisited. The rule is to not get complacent, as the hackers are always looking for new and interesting ways to gain access to our systems, data and money.” 


Small businesses can be targeted for cyber attacks. As Maragh explained, there are several simple steps that startups can take to protect themselves, including antivirus software and alert notifications. 

Also, be sure to have a team member responsible for information security, as well as communicating key details and actions to staff – especially if staff are working remotely. And with coronavirus causing more people than ever to work from home, look out for phishing emails. 

While it may seem like a daunting topic, online security is an essential element of business operations.

Written by:
Scarlett writes for the energy and HR sections of the site, as well as managing the Just Started profiles. Scarlett is passionate about championing equality and sustainability in business.
Back to Top