01924 241 281 hello@biscuit.uk.com

Which businesses are most vulnerable to cyber-security threats and how can they stay safe?

In the past year and a half, cyber-crime rose dramatically. Nearly 70% of organisations reported experiencing a least an attempted incursion, but some sectors were targeted more than others. People sometimes forget that the hackers causing these security problems are real people, and these people know who to target.

A recent BBC News article reported that the childcare and charities sectors were both on the receiving end of a warning from the government’s cyber-security body, the NCSC. Cyber-criminals have been both preying on the unusual circumstances brought about by Covid19 and the industries that they see as having inadequate security. Anxiety around this issue is growing and at Biscuit we want to help.

Businesses, no matter their size or the technical ability of their staff are never powerless against cyber-security threats. There are some key steps that any team can take in order to stay safe. In this blog we’ll take a look at some of the practices and technology that the most vulnerable businesses can use to get some much-needed peace of mind.

Avoid Scam Emails

Email fraud is massively on the rise. With more people working from home, scammers assume that there will be less oversight when it comes companies checking incoming emails. Receiving and opening these emails could assist in automatically changing passwords for ransomware purposes, or could allow hackers access to sensitive data.

These attacks are known as phishing and can be difficult to spot at a glance. One of our top tips for avoiding them is to check the address of whoever is sending them. Normally scammers will have a nonsensical email address, rather than one that matches up with who they are posing as. Another tip for your staff is to not click links in emails full stop.

At Biscuit we provide email spam filters that can help you to get around this issue all together. You might think you’re savvy enough to spot a fake email from a mile away, but could everyone on your team?

Mobile Device Management

Many teams are working away from the office right now, which means a greater reliance on our mobile phones for work. Of course this comes with a huge amount of benefits, especially for sales staff or teams in sectors such as property. It is also risky though.

Business mobiles contain a huge amount of sensitive data and there have been plenty of high-profile cases where company and even government secrets have leaked through a missing mobile. The way around this issue is with Mobile Device Management software.

MDM software allows you to control a mobile device remotely. This means you can guarantee that the latest security features are installed on staff mobiles. It also allows you to spot outdated and possibly unsupported devices on your network that could be due for an upgrade. Finally, MDM software allows you to remotely wipe the data from a mobile if it is lost or stolen.


15% of people use their pet’s name for their password and 6% use the word “password”. If you’re a business of 30 people, the chances are at least 6 of them are using a very weak password on their work device. We don’t need to explain why this needs to change.

Many people complain that the super-secure string of random numbers and letters that security teams recommend are too difficult to memorise. We understand this. A safe work-around is to try three words, with capital letters and no spaces between them, for example “RedTreeHorse”. This technique is both far more secure than a pet’s name, but is also much more memorable than a string of characters.

If you want to find out how secure your network is, get in touch about our PEN testing service. Our specialists can carry out a mock attack on your business, finding vulnerabilities and solving them at the same time.

Train your Staff

The most powerful anti-virus software in the world can’t protect against user error. 95% of cyber-attacks are due to some form of staff mistake, so it’s crucial that everyone is trained in the correct procedures. The problem is that a large proportion of small and medium sized businesses do not have access to an in-house IT team to provide this training. Our solution is an outsourced IT management service.

At Biscuit we essentially act as a business’ personal IT team. We’ll put all the systems in place for your safety and productivity, but we also provide training. Our specialists will take you through everything you need to know about how to stay safe. No business is truly the same, so having a specialist who can learn about your specific requirements and deliver bespoke resources is invaluable.

If you are working in the sectors mentioned here, have a remote working or business mobile policy, or just need advice, get in touch. Our security specialists will happily talk through your concerns and suggest the solutions that can help. Speak to the team today at 01924 241 281