Our Business Advisor, Susan George, is a highly effective economic development professional with extensive senior management experience in both the private and public sectors. We wanted to make the most of Susan’s wealth of experience, and she shares hints and tips on relevant topics throughout the year.
We asked Susan:
Is your business prepared for the Cyber Security and Resilience Bill?
The Cyber Security and Resilience Bill was announced during the King’s Speech on July 17, 2024. The UK government plans to introduce this bill to Parliament in 2025. The exact date when the bill will come into force will depend on the parliamentary process and the timeline for its enactment.
The Cyber Security and Resilience Bill aims to strengthen the UK’s protection against cyber threats, ensuring that businesses—including small and medium-sized enterprises (SMEs)—are more resilient.
Here’s a Cybersecurity Compliance Checklist for SMEs to help you prepare for the Cyber Security and Resilience Bill.
Cybersecurity Compliance Checklist for SMEs
1. Assess Your Cybersecurity Readiness
✔ Conduct a cybersecurity risk assessment.
✔ Identify weak points in your IT systems.
✔ Keep an inventory of all devices, software, and data access points.
2. Strengthen Access Controls
✔ Enforce strong passwords (at least 12 characters, mix of letters, numbers, symbols).
✔ Enable Multi-Factor Authentication (MFA) on all accounts.
✔ Limit access to sensitive data to only necessary employees.
3. Train Employees on Cyber Risks
✔ Conduct cyber awareness training (phishing, scam emails, safe browsing).
✔ Test employees with simulated phishing attacks to measure awareness.
✔ Create a clear policy for reporting suspicious activity.
4. Secure Your Systems & Data
✔ Regularly update software and operating systems to fix security flaws.
✔ Install and maintain firewalls & antivirus software.
✔ Encrypt sensitive data stored and transmitted online.
✔ Set up automatic data backups (cloud & local storage).
5. Prepare for Incident Reporting & Response
✔ Develop a cyber incident response plan.
✔ Assign a team or individual responsible for cybersecurity.
✔ Test your incident response plan with a mock cyberattack scenario.
✔ Know how and where to report cyber incidents to authorities.
6. Protect Third-Party & Supplier Security
✔ Ensure suppliers meet cybersecurity standards before working with them.
✔ Use contracts that require vendors to comply with data protection laws.
✔ Regularly audit partners and vendors for cybersecurity compliance.
7. Stay Compliant & Avoid Penalties
✔ Follow the UK Government’s Cyber Essentials framework.
✔ Keep records of security audits and risk assessments.
✔ Review government updates on new cybersecurity regulations.
Final Step: Review this checklist quarterly to keep your business protected!
Looking for Business Advice?
Are you ready for the challenges that running a new business will bring? Or are you looking for advice on how to grow your already established business? Our business support service can provide impartial and confidential advice, and they’ll help you address and overcome any concerns you may have.

