Cyber security for business

Cyber security breach detection

It's not always easy to tell if your business has experienced a cyber security breach. Attackers use a variety of ways to avoid detection and stay in your system long enough to harvest as much data as possible.

Sometimes, it can take months - and often longer - to realise that an attack has taken place. By that stage, attackers might have already caused significant damage to your business or customers. Understand the impact of cyber attack on your business.

How to detect a security breach

Detecting cyber attacks is a challenge even for the experts, but certain warning signs could indicate that a cyber breach or intrusion is underway. For example:

suspicious network activity (eg strange file transfers or log in attempts)
sudden changes to critical infrastructure or system passwords and accounts
suspicious files in your system, which may or may not have been encrypted
suspicious banking activities and transactions
inexplicable loss of access to your network, email or social media accounts
leakage of customer details, client lists or company secrets
unusually slow internet connections and intermittent network access
error signs or warnings in browsers, anti-virus or anti-malware tools alerting you to infections

See how to detect spam, malware and virus attacks.

If you have a business website, you should monitor it for any anomalies that may suggest an attack may be in progress. For example:

unexplained inconsistencies or questionable extras in your code
problems with administrative logins or accessing management functions
unexplained changes in traffic volume (eg sudden and drastic drop)
unexplained changes in the design, layout or content of your site
performance issues affecting the availability and accessibility of your website

Criminals are constantly finding new ways to exploit vulnerabilities, so it's important to be aware of current and emerging threats. See the latest cyber threat alerts from the National Cyber Security Centre.

Breach detection systems

Breach detection tools (also known as intrusion detection tools) can help identify threats inside your network. They are either software or hardware products capable of recognising active threats and alerting relevant security staff that they need to take action. For example, you can set up these tools to monitor the network and send an alert if they suspect:

suspicious user behaviour
vulnerability in the network
threats in applications and programs

These tools focus on identifying intrusions after they happen, containing and controlling the breach, and mitigating the damage. Many different products exist in the market, from open source tools to commercial packages. Read more about business data breach and theft.

How to contain and control cyber breach

Security and data incidents are becoming a daily norm for many businesses. No single product or method will give you a 100 per cent guarantee that your business' cyber defences will hold.

Before you detect an intrusion, you should consider and decide in advance how you will manage your response. It may help to develop a comprehensive cyber security incident response plan to help you contain and recover from any potential breach.

After you detect an intrusion or realise that a crime has been committed, you should report it to the relevant authorities. See how to report a cyber crime.

Search form

Search form

Before you start

Business planning

Forming your business

Running your start-up business

Self-employed and tax

Go for growth

Find local finance

Raising finance

Managing finance

Financial difficulty

Business tax

Self-employed and tax

PAYE and payroll

Keeping records for business

Excise duties

Industry-specific taxes

Complying with European law

Contact or deal with HM Revenue & Customs (HMRC)

Companies House returns, accounts and other responsibilities

Business changes

Selling, closing or restarting your business

Accountants and tax advisers

Recruitment

Employment documents and policies

Pay, pensions and minimum wage

Manage people

Holidays, statutory leave and time off

Performance, training and development

Resolve conflict and staff leaving

Health and safety basics

Make your business safer

Environmental action to improve your business

Reduce, reuse, recycle your business waste

Resource efficiency

Reducing your environmental impact

Environmental guidance by business sector

Choosing the right business property

Rates for non-domestic properties

Property management and costs

Adapting and improving your property

Product and service development

Design and business innovation

Intellectual property

Marketing your business

Know your customers

Maximise your sales

IT basics

Software and technology solutions

Getting online

Security and data protection

Basics of importing and exporting

Choosing a market

Procedures and licences

Sector overviews and regulations

Moving your goods

Customs declarations

Prepare for growth

Strategies for growth

Finance and logistics

Managing growth

Acquiring a business

Selling your business

Exiting and transferring your business

How to detect a security breach

Breach detection systems

How to contain and control cyber breach

In this guide:

Actions

Also on this site