Business owners across the UK are being urged to take action against online threats as the government rolls out a new initiative aimed at keeping companies safe and resilient in the digital age.
The campaign, visible across social media, radio, podcasts, and business networks, is designed to reach small and medium-sized enterprises (SMEs) where they are, making it easier than ever to access practical guidance.
Cyber threats are not just a minor annoyance—they cost UK businesses an estimated £14.7 billion annually. Alarmingly, half of all small firms have reported suffering a cyber breach in the past 12 months.
The government’s campaign seeks to address these risks by promoting the Cyber Essentials scheme, which offers clear steps businesses can take to prevent common attacks.
Cyber Essentials: The Five Key Protections
The Cyber Essentials program focuses on five critical protections that even small firms can implement without a dedicated IT department:
-
Installing firewalls to block unwanted access
-
Ensuring secure configuration of devices and networks
-
Keeping software up to date with the latest patches
-
Controlling user access to sensitive accounts and data
-
Protecting systems against malware
Implementing these measures has proven effective. Businesses with Cyber Essentials certification made 92% fewer insurance claims last year and can also access free cyber insurance with a 24/7 emergency helpline.
Certification even helps firms secure government contracts, demonstrating their commitment to robust cyber security.
Small Businesses Are Not Immune
Cyber Security Minister Baroness Lloyd emphasized that cyber criminals don’t just target large corporations. “The reality is criminals look for easy opportunities, and without basic protections, any business of any size can become a target,” she said.
Smaller businesses, she explained, often lack large IT teams, making simple steps like Cyber Essentials vital to protecting both company assets and jobs.
The campaign also highlights several free tools to help businesses get started, including an online readiness tool, 30-minute consultations with cyber advisors, and access to the Cyber Essentials Question Set to evaluate preparedness for certification.
Rising Cyber Threats and the Need for Action
Recent surveys indicate that 82% of medium and large businesses have suffered a cyber incident in the past year.
Larger companies have increased adoption of Cyber Essentials from 23% to 30%, showing growing recognition of the importance of basic cyber protections.
The new campaign aims to accelerate adoption among smaller businesses, strengthening supply chains and supporting long-term economic growth.
Dr. Richard Horne, CEO of the National Cyber Security Centre (NCSC), added, “Many small business owners assume their business is too small to be on cyber criminals’ radar, but attackers are looking for weaknesses, not logos.”
Strengthening National Cyber Resilience
Beyond individual business protections, the government is also moving forward with the Cyber Security and Resilience Bill.
This legislation will update the UK’s framework for essential services and key suppliers, covering areas like energy, healthcare, and data centers.
Stronger supply chain defenses will reduce the risk of service disruption and help maintain the country’s economic stability.
What’s next?
Businesses are encouraged to engage immediately with the Cyber Essentials scheme and use available resources to assess their current vulnerabilities.
The campaign will continue across multiple platforms over the coming months, focusing on SMEs in high-risk sectors. Companies that act now can protect themselves, their employees, and the broader economy from escalating cyber threats.
Summary
The UK government has launched a nationwide campaign to help businesses defend against cyber crime.
Through the Cyber Essentials program, SMEs are being offered practical guidance and tools to protect themselves from common attacks, with evidence showing that such measures drastically reduce risk.
The campaign also complements broader legislative efforts under the Cyber Security and Resilience Bill to safeguard essential services and national infrastructure.