Is your business safe from attack? When was the last time you reviewed your crisis plan? Do you even have a plan in place? Don’t panic just yet. With some planning, you can stay ahead of the curve and protect your business.
According to Gov.co.uk, in 2025, “Just over four in ten businesses (43%) and three in ten charities (30%) reported having experienced any kind of cybersecurity breach or attack in 2025. This equates to approximately 612,000 UK businesses and 61,000 UK charities that identified a cyber breach or attack in the past year.”
A scary stat, but let’s break down what happens when a cyberattack occurs.
- Utter panic! Heads are going to roll! Everyone is running around, doing everything they can to deal with it. This is a huge problem; costly mistakes can be made once a breach is discovered. Get ahead of the curve by putting a crisis plan in place and making sure everyone knows and understands what is happening and what the correct process is. Don’t forget to reassure stakeholders with your plan of action, too!
- Put clear reporting plans in place. Don’t underestimate how often a staff member has reacted in panic and tried to fix or delete a mistake, trying to cover up an issue without anyone finding out. The earlier you can respond to a cyberattack, the better. Reassure your employees that they won’t get into trouble and that reporting of any unusual activity is essential.
- Consider where your data is stored. It’s all good and well storing everything digitally, but what do you have in place to back everything up if there is an attack? Is your data encrypted? stored with a third party? Is it safe? How soon can you identify the loss to your business and notify customers?
- Train your staff. If you are a small business, there are plenty of external training companies and courses available at very little cost. Employees are far more likely to report an issue early on if they feel supported and safe from disciplinary action.
- Assure your customers. Once you have a plan in place, be sure to share it with your customers. After all, a loss to an individual through a cyber attack can be far more devastating financially and emotionally. It will make them feel safer knowing that their data is secure.
- Third parties. If you use third parties, make sure you set standards and ensure they are keeping within set parameters. Hold regular checks and reviews to ensure that there are no weak spots.
A business of any size can be attacked. The key is to make it as difficult as possible for it to occur, which means pre-planning, risk management, training, and disaster recovery plans. It is no longer okay to rely solely on firewalls, ransomware and intrusion detection.
You need the ability to act quickly and efficiently to secure the data under attack. Pre-planning can save you from an enormous headache, financial loss, and damage to your reputation. Don’t put it off, act today!
www.steeryourbusiness.com/magazine/may-jun-2026
