Safer Business

Action Week

Safer Business Action Week is just around the corner, beginning on 10 November.

At Sunderland BID, we recognise that safety and security are crucial for businesses across our BID area, helping to protect both our business community and the wider public.

The initiative, led by Northumbria Police, provides valuable services, advice, and guidance to help local businesses in Sunderland stay safe and informed.

We encourage all businesses to take this opportunity to review their safety measures and access the support available during the week.

Together, we can continue to make Sunderland a safer and more resilient place to live, work, and visit.

Services offered through the Northumbria Cyber Team

Cyber security presentation - It lasts approximately one hour and explores the current threat landscape, as well as everyday issues faced by organisations that raise the risk of cyber threats. This includes threats from both external and internal sources, as well as supply chain risks. There is also a separate presentation that focuses on personal cyber safety, offering several tips to enhance cybersecurity. Contact [email protected]

The Escape Room is designed to reinforce the importance of good cyber hygiene through an interactive exercise where participants act as detectives who have 30 minutes to crack several codes to prove that an organised crime gang has set up their Detective Chief Inspector. The exercise covers strong passwords, multi-factor authentication, and recovery processes. It lasts approximately one and a half hours, including the briefing and debrief. All the information can be shared openly by individuals. Still, it also demonstrates how easy it is to gather information about people that can then be used to compromise individuals into handing over data or gaining access to systems using passwords derived from publicly available information. Contact [email protected]

Decisions & Disruptions – Participants are responsible for managing a hydroelectric plant that lacks onsite security and are accountable to shareholders. They are allocated a budget and must analyse and decide on the security measures to implement over four rounds. After each round, decisions are reviewed, and disruptions to operations that need further action are identified. This exercise aims to help staff, especially managers, understand the importance of establishing a strong cybersecurity network within their business, emphasising the need for investment and practice. The briefing and debriefing session lasts about an hour. Contact [email protected]

Cyber Exercises - This interactive tabletop exercise introduces threats to an organisation's business through a series of injections, where participants seek to remedy them or identify processes/actions that require further action in a safe environment that encourages learning and reflection. Contact [email protected]

Vulnerability Testing – Using RoboShadow software, Domains, and IP addresses are examined against industry-standard processes, including OSWAP and SHODAN, to identify any vulnerabilities within your organisation's cyber network. A detailed report is then produced, highlighting vulnerabilities within a RAG system that service providers can address. Contact [email protected]

Resources & Services available from partners

Police Cyber Alarm - A free tool that sits on organisations' systems to monitor port traffic and generates a monthly report identifying threat patterns across the area as well as within your organisation. This can support your managed service provider in managing ports effectively and closing those that the organisation does not use, but it also increases the risk of attack.
Register for Police CyberAlarm- https://cyberalarm.police.uk/ via their website link.

NCSC – Cyber Action Toolkit – Provided free by the NCSC, the Cyber Action Toolkit offers organisations clear, bite-sized actions to safeguard both their finances and reputation from cybercriminals.
https://cybertoolkit.service.ncsc.gov.uk/?utm_source=NorthumbriaPolice&utm_medium=Protect&utm_campaign=PublicBeta Access it via the NCSC website.

NCSC – Early Warning System - Once registered, internet traffic is monitored to identify trends and threats concerning your organisation. If concerns arise that suggest a potential ransomware attack, you will be notified to ensure your organisation and staff remain vigilant. You will then be advised to implement procedures to verify and cross-check the authenticity of information.
NCSC Early Warning — Register via the NCSC website (this link)

Cyber Essentials - A government-backed certification scheme that helps keep both organisations and their customers’ data safe from cyber-attacks. The NCSC recommends Cyber Essentials as the minimum standard of cybersecurity for all organisations. This is usually administered through the BRC.Cyber Essentials - NCSC.GOV.UK Details about how to register or obtain this certification via this link.

Small Business Guide – Compiled by the NCSC, this guide provides straightforward advice in five easy steps to help small businesses enhance their cybersecurity. Small Business Guide: Cyber Security - NCSC.GOV.UK (access the guide through this link)