Staying safe in a digital world: Cyber security tips for businesses

In the UK alone, 42% of small businesses, those with less than 50 employees, have reported experiencing a cyber security breach or attack in the last 12 months.¹ This rises to 74% when it comes to large businesses of 250+ employees.¹ We've all seen in the news this year the catastrophic impact that a cyber attack can have on a business.

Cybercrime doesn’t just drain money. It can damage reputations, disrupt day-to-day operations, and put immense pressure on employees. The impact of these crimes is felt far beyond individual businesses. It ripples out across our economy and society. 

At Santander, we see first-hand how vital it is to help businesses spot these threats early and act with confidence. Here are some tips to help you keep your business safe:

1. Protect your data and equipment

• Back up important files like customer details and payment records on a regular basis. Store them securely in the cloud, on secure external drives, or both. 
• Make sure you know where your data lives. Keep a simple record of devices and accounts.
• Keep your IT equipment (so tablets, smartphones, laptops and PCs) up to date with the latest versions from software developers, hardware suppliers and vendors.  
• Use antivirus software on all computers and laptops. This is often included for free within popular operating systems.

2. Be mindful when sharing online

• Everything you post online tells a story about your business. A quick search of your name will show you what others see. You can ask websites to remove or update anything that’s out of date.
• Inside your business, set simple rules around what’s public, internal or confidential. 
• When it comes to social media, a short guide for staff will go a long way in keeping your reputation safe. Anything available online — about your business or your people — could be used by criminals to impersonate you. Be thoughtful about what you share.

3. Detect malicious messages

• Criminals try to trick businesses with emails, texts or calls that look urgent or official. Especially around payments. Make sure your team is aware of these types of threat.
• Encourage your team to pause before responding to anything that feels unusual. Like a sudden change in bank details. 
• Make it harder for fraudsters to copy you. Keep your own communications consistent, with reference numbers and standard signatures.

4. Protect your credentials and passwords

• Think of your passwords as keys to your business. Make them strong, long and unique. Never reuse the same one across accounts. 
• Password managers or single sign-on tools can help staff keep on top of them. 
• Adding multi-factor authentication provides an extra lock on the door. This could be a code sent to your phone or a fingerprint scan.
• Pay special attention to finance and admin accounts. They’re the most valuable to criminals.

5. Provide ways to report

• Make sure your team knows who to contact if they spot something unusual. Reassure them it’s always better to speak up. 
• Customers can sometimes be the first to notice unusual activity. So give them an easy way to report it too. This will help you act quickly, limit damage, and keep everyone safe.

Cyber security doesn’t need to be complicated. By following these steps, you can reduce risk, protect your reputation, and give both your customers and your team greater peace of mind.

For more detailed guidance on how to keep your business secure, visit the National Cyber Security Centre’s (NCSC) Small Business Guide: Cyber Security.

Visit the cyber security guide

For advice on how to respond to a cyber attack visit the NCSC's website.

How to respond to a cyber attack

¹ https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2025/cyber-security-breaches-survey-2025