A middle aged woman using a smart phone and a laptop


Taking a proactive approach to cyber security will always be our priority at Holden & Partners. We’re pleased to be able to update you on the steps we’re taking as a firm, and we’ve put together some actions for you to think about when it comes to your own data security.


Cyber Essentials Certified Plus logo

Cyber Essentials Plus

Our IT team have recently upgraded our Cyber Essentials accreditation by attaining Cyber Essentials Plus 1 status. Cyber Essentials is a government-backed scheme that helps companies of all sizes to protect themselves against a wide range of the most common cyber-attacks.

To achieve Cyber Essentials Plus certification, we underwent a third-party, hands-on technical assessment of our systems and processes to ensure that we met the requirements of the scheme in full, including areas such as access control, secure configuration, software updates, malware protection and firewalls and routers.


Close up of a hand on a laptop

Protecting your information

Achieving the advanced certification is important of course, but the steps we take at Holden & Partners are only part of the battle when it comes to cyber security. Criminals, both on and offline, rely on being able to trick people into complying with handing over their details, and/or their money, and they are using ever more sophisticated means to do so.

Research from NatWest found that 7 in 10 UK adults had been targeted by a scam last year,2 so it is far more likely to be a case of ‘when’ you are targeted rather than ‘if’. It is worth taking a moment to refresh yourself on best practices when it comes to keeping your finances secure.

1) Use strong, unique passwords – If you use the same password across multiple accounts it could mean that a data breach on one site could leave your other accounts vulnerable. Take the time to review your passwords and make sure they are well protected.

2) Turn on 2-Step Verification (2SV) for your email and social media accounts. 2-Step Verification (2SV) gives you twice the protection so even if cyber criminals have your password, they can’t access your email or social media account. 2SV works by asking for more information to prove your identity. For example, getting a code sent to your phone when you sign in using a new device or change settings such as your password. You won’t be asked for this every time you check your email or social media.3

3) Adopt a zero-trust attitude – This is a well-known IT philosophy that teaches us to ‘never trust, always verify’. Watch out for phishing emails, texts, letters or calls that attempt to trick you into revealing sensitive information or clicking on malicious links. Be sceptical of unexpected requests for personal or financial information and verify the authenticity of communication before responding.

4) Keep software updated – It can be all too easy to ignore those pop ups when you are busy trying to get something done, but regularly updating operating systems, web browsers, and security software to patch known vulnerabilities and protect against malware and other online threats is a vital step in staying secure.

5) Secure Wi-Fi Connections – Avoid conducting financial transactions or accessing sensitive information over unsecured Wi-Fi networks, such as public Wi-Fi hotspots. Use a virtual private network (VPN) when connecting to public Wi-Fi to encrypt internet traffic and enhance security.

6) Monitor Accounts Regularly – Routinely monitor bank and credit card statements for any unauthorized transactions or suspicious activity. Report any discrepancies to the financial institution immediately.

Remember, an employee of a genuine company seeking to transact with you will never get frustrated if you say that you want to take additional steps to verify where they are calling from, or what they are asking you to do.


Client case study

A client suffered a ransomware hack at work and his private information was compromised. He was concerned that the hacker might be able to get in touch with Holden & Partners via email or our portal and obtain data/funds.

Action plan

• We updated his passwords on the AJ Bell and Holden & Partners online portals in case they had been compromised.
• We put a warning note on his account to make sure anyone in Holden & Partners that receives an email or call from the client remains vigilant.
• We reassured him that we would only pay money into his nominated bank account (as standard practice) and we will always verify that a request for funds is a legitimate one by verbally speaking with them, rather than taking the request via an email.


If you experience a hack or would like reassurance of the steps we have in place then please speak to your adviser.


1. https://www.ncsc.gov.uk/cyberessentials/overview
2. https://www.natwestgroup.com/news-and-insights/news-room/press-releases/financial-capability-and-learning/2023/oct/most-common-financial-scams-of-2023-revealed.html
3. https://www.actionfraud.police.uk/news/action-fraud-issues-a-new-warning-to-stay-safe-online-after-1-3-million-lost-from-hacked-email-and-social-media-account-scams-last-year

Contact us

Whether it’s a question about your personal finances or how you can invest your wealth more ethically, we are here to help. Call us on 020 7812 1460, email info@holden-partners.co.uk or complete the form: