NewsCase StudiesEvents

Locking The Cyber Door

Also in the news...

Paul Beare Wins IR Global Member Of The Year

Paul Beare has been named Member of the Year at this year’s IR Global Conference in Amsterdam.

The Biggest Problem With Running A UK Payroll

We explore the biggest problem with running a UK payroll, together with the required functions of payroll calculations and net salary.

Taking It For Granted: How The UK Government Helps Growing Firms

In the UK, a number of government agencies offer a range of grants to help smaller firms to grow and prosper. The grants are typically designed to support innovation, encourage job creation, and underpin growth. In the last few years, a number of new initiatives have emerged, including grants aimed at boosting green technology and digital transformation.

Start-ups Wasting Over 2 Weeks And £37 Billion A Year On Admin

UK start-ups and microbusinesses are wasting over two working weeks every year on admin tasks, including managing mobile phone contracts, choosing energy providers, and buying insurance – according to new research.

The Costs For International Businesses Employing In The UK

In an ever-globalising business landscape, expanding operations to the United Kingdom can be a strategic move for international companies seeking new opportunities.

Paul Beare

Paul Beare

UK Tax Expert

> Ask me a question

Locking The Cyber Door

Back to News

The world has been awake to the threat of cyber crime – hacking, theft, ransomware, ID theft etc – for some years now. And governments are playing their part, with most countries now taking a more aggressive approach not only to detection and enforcement, but also by mandating the organisations protect themselves in the right ways.

The UK government took another step in this effort at the end of 2021 when it introduced the Telecommunications (Security) Act which aims to tighten up governance of data handling, particularly in the telecoms sector. The new Act puts “Much stronger legal duties on public telecoms providers to defend their networks from cyber threats which could cause network failure or the theft of sensitive data.”

Under the new law, telecoms will be required to:

  • protect data stored by their networks and services, and secure the critical functions which allow them to be operated and managed;
  • protect tools which monitor and analyse their networks and services against access from hostile state actors;
  • monitor public networks to identify potentially dangerous activity and have a deep understanding of their security risks, reporting regularly to internal boards; and
  • take account of supply chain risks, and understand and control who has the ability to access and make changes to the operation of their networks and services.

As part of the drive to improve cyber security, the government has also launched a public consultation on draft regulations, which outline the measures telecoms providers would need to take to fulfil their duties under the act. It will also lead to the development of a draft code of practice, which focuses on how providers can comply with the regulations.

What does this mean for ordinary businesses? Principally it should mean a significant reduction in the risk around cyber theft across digital communication channels. Indeed, as Digital Infrastructure Minister Julia Lopez says, “Broadband and mobile networks are crucial to life in Britain and that makes them a prime target for cyber criminals. Our proposals will embed the highest security standards in our telecoms industry with heavy fines for any companies failing in their duties.”

Cyber security is a serious issue for businesses of all sizes, so it’s encouraging to see more action being taken to shore up some of the obvious vulnerabilities that currently exist.

There are some basic steps that companies can take to protect themselves.

1. Check your permissions: Make sure you have rules in place on your system to ensure you’ve got the right levels of permission in place for your employees. For instance, don’t just give junior staff the ability to change bank details without a second authorization.

It’s not unusual in smaller business for a system where ‘everyone can do everything’; and that’s where a junior employee can end up changing things on the system without the financial controller even being aware of it..

2. Get social: Scammers are increasingly turning to social media to glean information about companies and their staff. Get a name and job title and it’s a short step to getting a phone number and calling up with a vishing scam.

You should ask staff to be circumspect in terms of the information they make public on their profiles, while it might also help to make key staff aware they’re more likely to be a target, particularly if they work in finance.

3. Put a name to the face: Try to make sure you have a named contact at every supplier – not just the company name. So when dealing with a supplier, make sure you know who handles accounts: that way you can form a personal relationship. Any call about an invoice or a change in bank details should therefore be from your named contact

Protecting yourself doesn’t have to cost thousands. Good housekeeping and effective systems require buy in from everyone and – where necessary – getting the right external help. We’re right here for all your needs, and you can contact us for help and support in a number of areas, from tax and payroll to accounting and banking.


You are not logged in!

Please login or register to ask our experts a question.

Login now or register.