UK gov tells SMBs to get better at protecting themselves from cyberattacks

New security Code of Practice announced by Government agencies

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

In a jointannouncementby the Department for Science, Innovation and Technology (DSIT), the National Cyber Security Centre (NCSC), and DSIT Parliamentary Under Secretary of State, Viscount Camrose, Britain’s small businesses have been urged to “toughen up” their cybersecurity practices.

To support its argument, the UK Government has issued aCyber Governance Code of Practiceto help SMBs comply with more stringent measures.

Developed in collaboration with industry leaders, cyber experts, and the NCSC, the Code advocates for detailed response and recovery plans for potential cyberattacks.

SMBs warned their cybersecurity is insufficient

In a stark message, the Government warned that cybersecurity should be considered an equal risk to financial and legal challenges, making it a key business priority even for the country’s small businesses.

SMBs have also been asked to equip employees with the right skills and awareness of cyberattacks so that they can better protect their company.

Viscount Camrose, Minister for AI and Intellectual Property in the UK, highlighted the critical need for organizational leaders to grasp the importance of cybersecurity. His message echoed that of the Government announcement:

“Cyber attacks are as damaging to organisations as financial and legal pitfalls, so it’s crucial that bosses and directors take a firm grip of their organisation’s cyber security regimes - protecting their customers, workforce, business operations and our wider economy.”

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

With nearly one in three (32%) firms experiencing cyberattacks or breaches in the past year, the new Code seeks to address the mounting risks.

Over 38,000 organizations were awarded the Cyber Essentials certificate last year, signifying that they have vital cyber security controls in place. Two in five (39%) of the UK’s largest businesses are reported to have been awarded with the certificate, according to Government analysis.

“Cyber security is no longer a niche subject or just the responsibility of the IT department, so it is vital that CEOs and directors understand the risks to their organisation and how to mitigate potential threats," added NCSC CEO Lindy Cameron/

The Government is now calling on businesses of all sizes from all sectors to get involved with the draft Code and to submit their feedback as part of an ongoing process until March 19, 2024.

More from TechRadar Pro

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

I’m a die-hard Apple fan, but even I’ll admit that the Google Pixel 9 Pro is the best-looking phone of the year