Keep your business safe with Cyber Triage: and six other top security tips

October is cybersecurity awareness month, so what better time to remind you of the importance of keeping your business safe from the many online threats that now exist.

So let’s frame the problem before we do anything else. According to UK government statistics, 43% of UK businesses reported a cyber security breach in the year ending April 2025.

What’s more, 85% of those attacks were described as phishing attacks.

Those numbers are clear – businesses are extremely likely to be the targets of attempted hacks and infections. Whether or not that’s a serious problem depends on how prepared you are.

So how prepared are you? Maybe you should start with a professional check.

Stay security smart with Cyber Triage

Zen’s Cyber Triage service is simple but powerful. When you subscribe, we provide you with monthly analysis and insight into attempts to compromise your business security through malware, ransomware and account takeover.

We’ll monitor activity on your network for signs of malicious activity and provide you with a detailed report, along with recommendations to help keep your systems secure.

This flexible service can be taken as a one-time assessment or run on a regular basis and covers two or more nominated devices, helping you respond quickly and effectively to threats against your business.

If you want to discover how your network is being attacked, and how you can safeguard against those attacks, Cyber Triage is a great option. Find out how Cyber Triage can protect your business here.

But business security isn’t just about professional services. There are plenty of things you can do for free right now. Here are six top tips to help you keep your business safe.

1. Go beyond simple passwords

Some passwords are naturally more important than others, but it’s good practice to treat every password like the key to your business. Because the more you get used to proper password security, the more quickly it becomes second nature.

Here’s a really simple tip: for every password, use a combination of upper and lower-case letters, numbers, and symbols – and make it long. Better yet, use a reputable password manager to generate and store unique, complex passwords for every account.

You’ve probably heard this advice thousands of times, but it’s a simple step and it really is your first line of defence.

2. Turn on multi-factor authentication (MFA)

MFA (or 2FA) is one of the fastest ways to block unauthorised access to your data. It requires a second form of verification – like a code sent to your phone – in addition to your password. It isn’t available everywhere, but wherever there’s an MFA option, you should enable it.

Even better, use passkeys where available.

3. Back up your data regularly

Your business data – from client lists to accounts – is irreplaceable. Imagine the impact to your business if you lost it?

That’s why we recommend following the “3-2-1” rule: keep three copies of your data, store them on at least two different types of media, and keep one copy off-site (in the cloud is ideal). That way, if a system fails or a ransomware attack hits, you can recover quickly.

You should also decide how recent you need this backed up data to be. That will depend on your business and what you do but could vary from weekly backups to every other hour or even more frequent.

4. Keep all software updated

Software updates aren’t just for new features – they often contain vital security patches. In the cat-and-mouse game with cybercriminals, software updates help you stay one step ahead of the bad guys, who love to exploit weaknesses in operating systems and firmware.

Turn on automatic updates wherever possible for your operating systems, anti-virus programs and business applications to keep your protection current.

5. Limit staff access

Not every employee needs access to all your systems and data. That’s why you should implement the “principle of least privilege”, which means granting staff access only to the data and resources necessary for their job. This limits the damage that a single compromised account can cause.

6. Train your staff

This doesn’t need expensive away-days or time in the classroom, just some good old-fashioned communication.

Your people are your greatest asset, but they’re also your biggest vulnerability. It’s important to make sure that every team member understands how to spot phishing emails, how to handle sensitive data, and the importance of secure browsing.

Draw up a checklist, find some reputable sites or videos online to help with your staff education, and conduct regular training sessions. Helping reduce human error could make a huge difference to your business security.

We know that cybersecurity can feel overwhelming, but even small steps can make a big difference. This cybersecurity awareness month is the perfect time to act – starting with the basics and adding some important support with Cyber Triage.