Cyber security: Knowing where to get help as an SME

By Dawn Bishop - Alcea Content Writer

How can SMEs in the UK get advice about Cybersecurity?

In today's hyper-connected world, safeguarding our online presence has become paramount. Now more than ever, individuals and organisations in the UK and around the world are prime targets for cyber-attacks ranging from phishing scams to sophisticated ransomware assaults. As we navigate this complex digital terrain, understanding and implementing robust cybersecurity measures is not merely a choice but a necessity.

In this article we delve into the essential advice tailored to the UK's cybersecurity landscape, offering actionable insights and best practices to help fortify our digital defences. We look at help for small and medium-sized businesses (SMEs) who often face unique challenges with cybersecurity due to limited resources, expertise and awareness.

The article sets out to highlight internet sites and agencies that can assist in setting up a safe strategy for all sizes of businesses.

Where can SMEs get cyber security advice?

SMEs in the UK can obtain advice about cybersecurity through various channels, including:

• Government Resources: The UK government provides resources and guidance specifically tailored to SMEs to help them address cybersecurity challenges. Websites such as the National Cyber Security Centre (NCSC) offer practical advice, best practices, and tools to improve cybersecurity resilience. SMEs can access resources such as the Cyber Essentials scheme, which provides a set of cybersecurity controls to help protect against common cyber threats.

• Cybersecurity Consultancy Firms: There are numerous cybersecurity consultancy firms in the UK that specialise in providing tailored advice and services to SMEs. These firms offer a range of services, including cybersecurity assessments, risk management, policy development, and staff training. SMEs can engage with these firms to receive personalised advice and support based on their specific needs and budget. For example, Crowdstrike offers help for small businesses with a free trial prior to a paid package. 

• Industry Associations and Networks: Industry associations and networks often provide resources and support related to cybersecurity. SMEs can join relevant associations or networks in their sector to access cybersecurity advice, training programs, and networking opportunities. These associations may also organise events, webinars, and workshops focused on cybersecurity topics.
  

Here is a list of some organisations that offer a range of business support for SMEs including cyber security support.

• Federation of Small Businesses (FSB): The FSB is a leading business organization in the UK that represents the interests of small businesses. While not exclusively focused on cybersecurity, the FSB offers guidance and resources on various business-related topics, including cybersecurity. It provides access to information, advice, and support through its website, events, and regional offices.
  

• Cyber Security Information Sharing Partnership (CiSP): This joint industry and government initiative in the UK facilitates the sharing of cyber threat intelligence and best practices among organizations. SMEs can join CiSP to access timely threat information, collaborate with peers and experts, and enhance their cybersecurity defences.
  

• Cyber Security Challenge UK: Cyber Security Challenge UK is a not-for-profit organisation that aims to inspire and develop the next generation of cybersecurity professionals. While their primary focus is on talent development, they also offer resources and events that SMEs can leverage to improve their cybersecurity awareness and skills.
  

• TechUK: TechUK is a trade association representing the technology sector in the UK. They provide support and representation for technology companies of all sizes, including SMEs. TechUK offers resources, events, and networking opportunities focused on cybersecurity and other relevant topics for SMEs in the technology sector. 
  

• Information Security Forum (ISF): The ISF is an independent authority on cybersecurity and information risk management. While they primarily serve larger organizations, they offer resources and guidance that SMEs can adapt to their needs. The ISF provides research, tools, and networking opportunities to help organizations improve their cybersecurity posture. 
  

• Cyber Resilience Centre for the West Midlands (CRCWM): CRCWM is a regional initiative focused on enhancing cybersecurity resilience among businesses in the West Midlands. While its primary audience is businesses in the region, SMEs from other areas can also benefit from its resources and support.

These industry associations and network groups offer SMEs valuable resources, expertise, and opportunities for collaboration to strengthen their cybersecurity defences and navigate the evolving threat landscape effectively.

As an SME ourselves who's based in the West Midlands, UK we would like to highlight CRCWM as a great example of the support offered to SMEs in an interesting and informative programme based in a regional setting.

Key features and functions of the Cyber Resilience Centre for the West Midlands

• Awareness and Education: CRCWM offers training programs, workshops, and awareness campaigns to educate businesses and individuals about cybersecurity best practices. These initiatives aim to increase awareness about common cyber threats. These threats include things like phishing scams, malware attacks and data breaches while empowering participants with the knowledge and skills needed to protect themselves against such threats.
  

• Cybersecurity Advice and Guidance: CRCWM provides businesses with expert advice and guidance on cybersecurity issues. This includes offering assessments to identify vulnerabilities, recommending appropriate security measures, and assisting with the development of cybersecurity policies and procedures. Businesses can access tailored advice to address their specific cybersecurity needs and challenges.
  

• Threat Intelligence Sharing: CRCWM facilitates the sharing of threat intelligence among its members and partners. By aggregating and analysing cybersecurity data and trends, CRCWM helps businesses stay informed about emerging threats and vulnerabilities. This collaborative approach enables businesses to mitigate risks and enhance their cyber resilience proactively.
  

• Incident Response Support: In the event of a cyber incident or breach, CRCWM offers support and assistance to affected businesses. This may include providing guidance on incident response procedures, facilitating communication with law enforcement agencies, and connecting businesses with cybersecurity experts who can help mitigate the impact of the incident.
  

• Partnerships and Collaboration: CRCWM collaborates with a wide range of stakeholders, including law enforcement agencies, government bodies, academic institutions, and industry associations. By fostering partnerships and collaboration, CRCWM aims to leverage collective expertise and resources to address cybersecurity challenges more effectively and build a stronger cyber resilience ecosystem in the West Midlands.
  

• The Cyber Resilience Centre for the West Midlands plays a vital role in supporting businesses and individuals in the region to enhance their cybersecurity posture, reduce cyber risks, and respond effectively to cyber threats and incidents. Through its range of services and collaborative approach, CRCWM contributes to building a more resilient and secure digital environment for the West Midlands community.

International Cybersecurity support

In an ever-increasingly interconnected world where borders are unclear, and digital footprints cross geographical boundaries, the landscape of cybersecurity extends far beyond domestic concerns. With cyber threats transcending national borders and impacting individuals, businesses, and governments worldwide, collaboration and cooperation on an international scale are imperative.

So, we wanted to share some international organisations that are helping SMEs with cyber security.

International assistance for cyber security

United States

Cybersecurity and Infrastructure Security Agency (CISA):  CISA 

Canada

Canadian Centre for Cyber Security (CCCS): CCCS 

European Union

European Union Agency for Cybersecurity (ENISA) has a full range of details, tools and events highlighting help and advice for businesses: ENISA

Australia

Australian Cyber Security Centre (ACSC): ACSC 

Japan

Information-technology Promotion Agency, Japan (IPA): IPA 

These agencies play a crucial role in providing guidance, resources, and support to SMEs around the world to help them navigate the complex and growing landscape of threats from cybersecurity and enhance their resilience against cyber-attacks.

Peer-to-peer support

SMEs can also access online forums and communities to gain advice from their peers and authorities in the field. For example:

• Cyber Security SME Forum (CSSMEF): CSSMEF 

A forum for cyber SME members to connect with peers, potential collaborators, and government and industry stakeholders. The forum includes five pillars: UK Cyber Ecosystem, Cyber Resilience, Technology Advantage, Global Leadership, and Countering Threats.

• European Internet Forum (EIF): EIF 

An independent, non-profit, and neutral forum that debates digital policy issues with public and private stakeholders.

 Cyber threats affect and impact us all as individuals, but as businesses it’s imperative to be as protected and as aware of the threats as possible. This article is not an exhaustive list but it aims to give a useful starting point for SMEs to learn some of the places they can go to get help, learn about and engage with cyber security.

By leveraging these resources and engaging with relevant stakeholders, SMEs in the UK and the wider world can obtain valuable advice and support to strengthen their cybersecurity defences and protect their businesses from cyber threats.