Cyber security
© Getty Images

Blog: 10 tips for cyber security

    alt txt



    Cyber attacks continue to rise, with organisations of all sizes vulnerable to cyber security breaches. However, small and medium-sized businesses can often significantly underestimate the threat of cyber risks and, following a breach, be unprepared to deal with the resulting financial and/or reputational damage.

    Here, we provide some tips on what both you and your organisation can do to mitigate cyber risks.

    What you can do

    Beware of phishing

    Be on the lookout for emails with urgent, fear-inducing subject lines, or updates from scammers posing as someone from your company. Hover over the email sender’s address with your mouse to ensure it’s from your company, and hover over links to preview their destination. If you’re not sure about it, don’t click it.

    And vishing (voice phishing)

    Never provide your log-in information, financial account or allow access to your devices to someone over the phone, unless you’ve confirmed the request is from a trusted source.

    Keep software up to date

    Putting off installing updates to your computer and phone software can expose you to cyber attacks. Install updates as soon as possible.

    Back up data

    Be sure to back up your data, so you can access it outside of your system, in case you are hit by a cyber attack.


    Use complex, hard-to-guess passwords that contain random words, a combination of capital and small letters, numbers and symbols. Change passwords frequently or use a password manager and multi-factor authentication.

    What your organisation can do

    Train employees

    Train employees in good cyber hygiene - how to spot phishing emails, use of complex passwords and how to report and respond to a suspected incident, such as ransomware or email compromise. And make sure employees understand your policies for computer access and using their own devices.


    Make sure your IT team employs firewalls for your internet access to protect your team from viruses, ransomware, and other cyber attacks.

    Admin rights

    Limit access to servers and software to employees who require it for their job.    

    Secure Wi-Fi networks

    Your Wi-Fi should be secured with a password. When off site, only log into secure Wi-Fi networks that require a password. Do not set your device to log in automatically to networks that are not secured.

    If you think you've been hacked, act

    If you think you've been victim to a cyber crime, immediately call the appropriate internal or external resource and notify your broker, intermediary or insurer if you have a claim.

    Disclaimer: This article is for informational purposes only and is not intended to convey or constitute legal advice. HSB makes no warranties or representations as to the accuracy or completeness of the content herein. Under no circumstances shall HSB or any party involved in creating or delivering this article be liable to you for any loss or damage that results from the use of the information contained herein.