Free Resources For Small Businesses and Charities

The guides below are written by Stephen Dunn — a CISSP-certified cybersecurity expert and Bloomsbury author with over 25 years of experience. Each one is written specifically for non-technical leaders in UK small businesses and charities.

If your organisation is hit by a cyber attack, the first hour is when you have the most control — and when most organisations make the most costly mistakes. This step-by-step checklist walks you through exactly what to do in the first 60 minutes of a cyber incident, written for business owners and managers without in-house IT support. Covers containment, communication, regulatory obligations, insurance notification, and evidence preservation. Designed to be printed and kept somewhere accessible — not on the server that might be encrypted. Based on the incident response methodology in Stephen Dunn’s forthcoming Bloomsbury Business publication.

• Minute-by-minute response steps
• What not to do in the first hour
• 72-hour ICO obligation reminder
• Key contacts template to fill in advance

A plain-English self-assessment tool that tells you, honestly and quickly, where your organisation’s cyber security is strong and where the gaps are. No technical knowledge required. Work through 19 questions across five areas including backups, access controls, staff awareness, incident planning, and supplier risk and score yourself against a simple three-point scale. Takes around 15 minutes and gives you a prioritised starting point for improving your cyber resilience. Based on the same framework recommended by the National Cyber Security Centre (NCSC).

• 19 scored questions across 5 key areas
• Instant scoring guide
• Clear results interpretation
• Priority actions for each score range

Not getting useful results from ChatGPT or other AI tools? The problem is almost always the prompt. This free cheat sheet introduces a simple five-element framework — Role, Task, Context, Format, Constraints — that produces noticeably better results from any AI tool, every time. Includes six ready-to-use prompt templates covering emails, social media posts, meeting notes, policy drafts and more. Written specifically for small business owners and charity leaders with no technical background.

• Five-element prompting framework
• Six copy-and-paste templates
• Phrases to refine AI outputs
• Three things to keep in mind when using AI tools

UK GDPR applies to almost every organisation that holds personal data, regardless of size. But most small businesses and charities don’t need a complex compliance programme; they need ten things done properly. This free checklist cuts through the legal language and tells you exactly what to have in place, why it matters, and how to check it. Work through it at your own pace, tick what’s covered, and focus your energy on the gaps. Includes a reminder to check your ICO registration status which is a step many small organisations miss entirely.

• 10 plain-English GDPR obligations
• Practical “check” action for each
• Lawful basis guidance
• ICO registration reminder
• Cross-reference to the Cyber Resilience Self-Assessment

• ICO: Getting Started with Data Protection
• ICO Small Organisations Hub
• ICO Data Protection Fee Registration

• UK Cyber Security Breaches Survey 2025
• UK SME Digital Adoption Taskforce — Final Report 2025

Know of a resource we should add? Get in touch — we review this page regularly to keep it current.