Author: Johnty Mongan


There is no denying that the digital landscape is becoming more and more intrinsic to our daily lives. But with all the benefits it brings, threats are also evolving continually in the digital space. Cyber-attacks are rising, and companies across industries are facing the brunt.

32% of businesses have faced cyber-attacks within the last year.
The percentage is significantly higher for medium businesses (59%) and large businesses (69%)1.

With spring season here, it’s time for a digital refresh. That said, cybersecurity should be a continuous focus for organisations, not just a seasonal concern. With threats and companies’ employee base2 changing constantly, cybersecurity reviews should be conducted frequently.

Cybersecurity Tips for Spring-cleaning Your Digital Environment

Cyber-attackers are continually developing new tactics to defraud online victims. Following is a spring-cleaning checklist to fortify your cybersecurity for a healthy digital environment.

Educate your employees
Your employees are your first line of defence against mounting cyber-attacks so it’s important to regularly refresh their knowledge about cyber risks and best practices. While spring is an ideal time to make this a focus, an always-on approach to cybersecurity is paramount and should be actively encouraged.

Remove the digital clutter
Besides unnecessarily burdening the data storage space, obsolete user accounts become a potential attack vector for cybercriminals. Ensure that you declutter your servers, applications, and accounts by removing the unused ones. If you have an account within an unused app, begin by deleting the account first before removing the app itself.

Top tip: This clean-up exercise should also be extended to your desk and devices. File away or dispose of all your digital imprints offline by shredding them to prevent them from becoming lost or stolen. When disposing of old tech devices such as laptops and phones, you must delete your data from the devices and perform a factory reset before disposal.

Review your online accounts
Social media accounts can serve as potential entry points for hackers, so it’s vital to remain vigilant and maintain control over your profiles, accounts, and overall digital footprint. Review your location, privacy, and security settings on social media and other sites to be mindful of what you share. Never give away any personal information openly, as it could be used to steal your identity online.

Keep your devices updated
Update the apps and operating system on all your internet-connected devices — including PCs, smartphones, tablets. Also, pay attention to hardware product updates. Most cyber-attacks can be prevented simply by installing the available patches and updates on your devices. If your security toolkit does not provide optimal performance, consider replacing it with a more advanced one.

Enable biometric security
Several cybersecurity breaches have occurred through identity breaches. This points to the need for more robust identity authentication systems. Organisations can achieve the same with the help of biometric security fitments. As biometric security scans through an individual’s unique physical characteristics such as iris, fingerprints, and facial scans, it acts as a fool-proof mechanism against identity breaches.

Strengthen your password

30% of users have experienced security breaches due to weak passwords3.

Security breaches also arise due to risky password behaviours, such as keeping easy-to-remember passwords or using the same passwords across several accounts. Consider using a password manager to generate strong and unique passwords and change your passwords regularly.

Secure your public connections
For organisation-level cybersecurity, only devices approved by the company’s information security personnel should be given access to the private network. With that in mind, companies are advised to give employees a guest Wi-Fi separate from their private network. Remote employees using unsecured network hotspots may lead to data theft4. Organisations can mitigate this risk using a virtual private network (VPN) with end-to-end encryption of employee data.

Augment incident response plans
Despite the best defences, cyber threats can strike unexpectedly. No wonder the UK government is also taking this seriously5 with a new Code of Practice on cybersecurity governance. So, take the time to review and revise your incident response plans. Make sure to have a backup of critical data on the cloud and a physical drive separate from your device.

Refresh Your Cybersecurity. Engage with the Experts

Gallagher's specialists are here to assist you if you’re missing critical components of your cybersecurity stack. The Gallagher Cyber Defence Centre is focused on supporting clients with seamless and continuous cybersecurity services to defend against evolving risks and threats.

Prioritise your cybersecurity this spring to build organisational resilience for the year ahead and beyond. Please get in touch with the Cyber Risk Management team to find out how we can support your organisation.

Author Information


1 Cyber security breaches survey 2023. GOV.UK (19 Apr 2023).

2 Arsenault, Bret. Your Biggest Cybersecurity Risks Could Be Inside Your Organization. Harvard Business Review (1 Mar 2023).

3 Sebastian, Nathan. Top Password Strengths and Vulnerabilities: Threats, Preventive Measures, and Recoveries. GoodFirms (18 Oct 2023).

4 Singh, Arpinder and Harshavardhan Godugula. How security risks are impacting hybrid work models. Ernst & Young (2 Aug 2022).

5 Coker, James. New Cybersecurity Governance Code Puts Cyber Risks on Boardroom Agenda. Infosecurity Magazine (23 Jan 2024).



The sole purpose of this article is to provide guidance on the issues covered. This article is not intended to give legal advice, and, accordingly, it should not be relied upon. It should not be regarded as a comprehensive statement of the law and/or market practice in this area. We make no claims as to the completeness or accuracy of the information contained herein or in the links which were live at the date of publication. You should not act upon (or should refrain from acting upon) information in this publication without first seeking specific legal and/or specialist advice. Arthur J. Gallagher Insurance Brokers Limited accepts no liability for any inaccuracy, omission or mistake in this publication, nor will we be responsible for any loss which may be suffered as a result of any person relying on the information contained herein.