Cybercrime and the impact on business

Recently published figures have suggested that HMRC has 'saved the public more than £2.4 million' by combating cybercriminals and cybercrime. However, such crime remains a serious problem for businesses, with potentially significant consequences. Here, we take a look at strategies you may wish to utilise to ensure your business and personal finances are adequately protected against malware, phishing attacks and ransomware.

Cybersecurity: getting the basics right                                                                              

As a fundamental rule, business owners must ensure that their cybersecurity protections are up-to-date and effective. Firms are advised to:

Use strong passwords

It may seem obvious, but making use of strong passwords on your work computer, laptop, smartphone and tablet is crucial. Using a combination of upper-case and lower-case letters, alongside numbers and symbols, will ensure that your password is strong and unique, and therefore difficult for cybercriminals and thieves to guess.

Make sure software updates are downloaded

Ensuring that any available software updates are downloaded and installed onto your work devices is essential: doing so will help protect your gadget against harmful malware. Businesses are also urged to install updates to their anti-virus software, where these are available. 

Back up data

Making regular back-ups of critical data is highly advisable. Consider how reliant you are on your data, such as payment details, customer information, quotes and orders. Businesses should aim to identify the essential data they need to back up, and keep their back-ups separate from their main devices: in the event that a business is affected by ransomware, an isolated back-up may prove invaluable. Victims of ransomware attacks often experience their files becoming encrypted, or their computer becoming locked. The criminal will then request payment in return for decrypting or unlocking the victim's files or devices.

Keeping essential data backed up to a separate device, drive or cloud solution may potentially aid firms, should the worst happen.

Identify fraudulent communications before it's too late

Spotting phishing communications before they are opened or responded to is vital. 'Phishing' refers to the practice whereby a criminal poses as a recognisable company or organisation (including major banks, HMRC and telecommunication companies), and contacts an individual or business to request them to supply sensitive information or payment.

Phishing victims are often contacted via email, telephone or text message, and are asked to provide personal data, such as banking and credit card details. Cybercriminals then use the information to their advantage, installing malicious software onto computers or posing as the victim, thereby stealing their identity.

Businesses are urged to exercise caution when it comes to responding to calls, emails or text messages that request that a payment be made. Refrain from clicking on links within unsolicited emails – if in doubt, the safest course of action is to visit the company's website of your own volition. 

It is important to note that the government, banking institutions and large organisations will never contact you to request access to your personal account, or to request that you send them personal information.

Train staff members and keep them up to date

All members of staff should receive appropriate training in order to understand and successfully identify the ways in which their firm could be at risk from cyber-attacks and data breaches. A range of programs exist for employers to make use of, including free educational courses and resources, as supplied by the government. These can be found here.   

Making sure that you have adequate cybersecurity measures in place is of the utmost importance. Taking appropriate action sooner rather than later could help to safeguard your business and personal finances now and in the future.

Have we convinced you yet?

Please feel free to get in touch via phone, email or our quick contact form.

We offer initial free consultations – simply contact us to find out more.

ICAEW Chartered Accountants logo Sage logo chichester chamber of commerce and industry logo

© 2020 James Todd & Co. All rights reserved.

We use cookies on this website, you can find more information about cookies here.
Contact us

Please call:
01243 776938
Lavant and Chichester
01273 470123

James Todd & Co, 1/2 The Barn, Oldwick, West Stoke Road, Chichester PO18 9AA
James Todd & Co, 16 Northgate, Chichester PO19 1BJ
James Todd & Co, The Mews, St Nicholas Lane, Lewes, East Sussex BN7 2JZ

James Todd & Co is the trading name of James Todd & Co Limited. Chartered Accountants and Registered Auditors. Registered No: 07350649 in England. VAT No. 322087875. ICAEW Firm Reference No: C002730145 and James Todd & Co (Lewes) Ltd (formerly known as Axtons). Chartered Accountants. Registered No: 11214467 in England. VAT No. 290460506. ICAEW Firm Reference No: C005791297

Registered to carry out audit work in the UK and regulated for a range of investment business activities by the Institute of Chartered Accountants in England and Wales. Details of our audit registration can be viewed at

Details of our Designated Professional Body (DPB) activities can be viewed at A member of the ICAEW Practice Assurance Scheme.