Watch the webinar
- Deborah Fraser, Director for Regions (Chair)
- Fiona Geskes , Principal Policy Advisor, Tax and Fiscal Policy, CBI
- A representative from the National Cyber Security Centre (Guest)
- Stefan Martin, Partner, Hogan Lovells (Guest)
The economic recovery:
- The CBI has come up with four broad principles:
- Avoid ‘cliff edges’ where support is reduced/withdrawn, and provide support for firms with ongoing challenges
- Encourage business dynamism and be innovative
- Build back better – towards a fairer, more balanced economy
- Manage the cost of restructuring (with infrastructure likely to be an ongoing priority) as an option for stimulus spending to get the economy going again.
- What are the issues you will face in next six months? Where do you think government support should be prioritising? Get in touch!
- The National Cyber Security Centre (NCSC) wants to make the UK the best place to do business online. The NCSC was set up as a one-stop-shop for cyber security advice for businesses of all sizes.
- Covid-19 has been unprecedented for cyber security, with more video conferencing, home working, and the closure of physical premises. We set up a portal for people to forward ‘phishing emails’, which went live at the end of April. We had 5,000 emails reported in the first day, and more than 80 malicious phishing campaigns removed.
- We’ve published guidance on ‘home working’ and video conference services, which is launching on Wednesday.
- Cyber security has become more embedded in all businesses’ ‘daily lives’.
- For those looking to take cyber security further, the NCSC will continue delivering cyber essentials – a certificate to help them understand different cyber security themes.
Job Retention Scheme (JRS) changes:
- The JRS has been extended in its current form to the end of July, and it will run until the end of October.
- On 1 August, more flexibility will be introduced to the scheme to allow staff to carry out some work while on furlough.
- There are still lots of unanswered questions. For example, if you bring staff back part time from 1 August, the employer is responsible for their salary (but not furlough pay) for the hours they worked.
- Although the government is trying to avoid cliff edges, these changes do create the potential for one. It could mean possible large-scale redundancies announced at the end of June. Although there will be more flexibility from 1 August, many businesses will not have opened or started to have revenue coming in.
Key questions we answered:
- What are the main types of cyber security threats we’re seeing, and how is the NCSC tackling this?
- We’ve published a joint advisory to look at the criminal activity taking place. The overall levels of cyber security threats haven’t increased, but the NCSC and our counterpart in the USA are seeing a growing level of fraudsters using Coronavirus to try and defraud people.
- Our self-reporting service is vital, and we would encourage any firms that have seen something Covid-19 related to forward it on. Take a look at our list of ‘top tips for staff’ – as many aren’t versed in ‘what to look for’, or ‘what phishing emails look like’.
- Our advice for cash constrained SMEs is that businesses don’t have to do much to be cyber secure, and it’s vital for smaller firms to have options that are minimal on both resource and cost, and protect against the most common attacks. The Cyber Security Certificate (£300 for 12 months) includes Cyber Insurance.
- Can you second furloughed staff to another business?
- Staff can volunteer or can do so if there’s an arrangement.
- If the secondment isn’t paid for in any way there isn’t much of an issue. An example could be an employer sending furloughed staff to go and help another company (but staff must not be paid, and the employer can’t receive any money for doing so).
- Will HMRC audit furlough schemes?
- It’s too early to tell how many audits there’ll be.
- Our sense is they aren’t happening now, but we’re not seeing employers keeping large amounts of information to prove staff haven’t been working during any furlough.
- Our own view is that it’s unlikely HMRC will be doing audits on a wide scale. If they do so, they’re likely to start with some of the larger claims.
- Proving (or taking steps to prove) furloughed staff haven’t worked is not a burning priority at the moment.
- What work is being done on tackling ‘insider threats’?
- Insider threats are included in the guidance and advice.
- Not all ‘Insider threats’ are malicious, and many come from human error, or being underprepared for an attack/phishing email.
- We need to drive a culture where firms/owners feel comfortable and confident to report issues or admit mistakes and errors.
- Can you vary the furlough rate for staff, and is it OK to top up some staff‘s pay (but not all) over the 80%?
- There’s no legal barrier to doing so, but it’s not a great move employee relations-wise!
- As long as it’s not done on a discriminatory basis, it’s possible.
- Remember that your employees will speak to each other!
Further links and resources:
The NCSC will be launching a COVID 19 security support pack for SMEs later this week. The guidance will include:
- Home working: preparing your organisation and staff (published March 2020)
- Video conferencing: security guidance for organisations (published April 2020)
- Moving your business from the physical to the digital (published May 2020).
Keep an eye on their website for the release.