
5 Common cyber security mistakes businesses make, and tips to avoid them

20th April 2022
You buy top-of-the-range door locks and bolts. Install alarm systems worth thousands, employ security guards, and even buy ferocious guard dogs… Then, you install FREE cyber security software, lazily create passwords that a chimpanzee could figure out, and throw around login information to anyone who wants it. Sadly, this lax approach to cyber security isn’t uncommon, so to help, we’ve put together a list of 5 common cyber security mistakes businesses make, and added a few tips to avoid them. Check it out, and if you’re in the mood, spread it around to make other business owners feel bad about their own classic cyber security mistakes, and hopefully rectify them.

1. Leaving cyber security to someone who has no technical knowledge

It’s hard to believe, but many businesses are taking serious risks by handing over the responsibility of cyber security to someone who couldn’t tell the difference between malware and Tupperware.

It may be the cheap option, but it’s also a highly risky option, especially if the person has no idea of the constantly evolving nature of cyber threats, how to protect against them, and how to back up.

If you are worried about the cost of hiring an in-house cyber security professional, then talk to a reputable managed IT service provider, who’ll provide the service at a much lower cost.

2. Not taking password security seriously

Using easy-to-crack passwords, such as 123456 or ‘company name’, is one of the main reasons business IT networks get hacked, and such passwords are a lot more commonly used than you might think.

Another password ‘no no’ that businesses across all sectors and industries are guilty of is using the same password for a whole load of different accounts, and never changing it.

Sound like you? Then start using a secure password manager, enable two-step verification when possible, and create passwords using letters, numbers and symbols that you change regularly.

3. Not getting employees involved

60% of cyber security breaches are down to human error, and happen because employees haven’t been trained in how to prevent them, or what to do in the aftermath of an attack.

Common things employees do include emailing attachments with sensitive data to the wrong person, downloading malware via malicious links, and unknowingly leaking company passwords.

If you’re making this mistake, consider hiring a cyber security coach, or visit the NCSC (National Cyber Security Centre) website for all sorts of guidance and help to pass on to your team.

4. Not updating software

Yes, it can be a hassle. You see the popup telling you to update, but you’re halfway through writing that presentation, and don’t want to stop whilst the cyber security system updates.

Problem is, these updates or security patches are usually vital, and a way of keeping on top of the latest threats, threats that have the potential to lock you out of that presentation.

If you’re noticing employees aren’t updating regularly, get a memo out there informing staff of the importance of updating, and reconfigure your cyber security software to update automatically.

5. Not having a response plan

Not planning a response to a cyber attack is another serious mistake plenty of businesses make. Many feel it’s not worth it, mistakenly thinking it won’t happen to them.

But when it does happen, the financial, reputational and physical damage a cyber attack causes can be limited with a carefully thought-out response plan.

Your response plan should include ensuring employees know who to contact, getting insurance to protect against potential losses, and having emergency legal, IT forensic, and PR contacts.


Cyber security should be taken as seriously as physical security. There are no ifs, buts or maybes. Modern criminals are moving away from the old-fashioned theft of physical possessions, and instead hitting companies where it really hurts – the IT network that the whole business is built upon.

Contact us

JamCrackers is a leading, Bedfordshire-based business IT support service, specialising in bespoke cyber security for business. This means we’ll work with you to create and manage a cyber security and backup plan, designed around your unique business model, to help protect your business from some of the world’s most damaging cyber threats.