

Small Businesses are Big Targets
1. Share Information
2. Make it Personal
Even the most empathic person can get overloaded with bad news stories and switch off if things don’t feel relevant to their own lives. Most employees tend to care more when they can see how cyber security issues might affect them personally, so it’s important to explain the link between your organisation’s data and their own.
Hackers do a lot of background research when they’re hunting for new prey, and that often includes looking at individual staff members’ social media accounts. By practicing good data security at work, they can keep their personal information safe too.
3. Lead by Example
Nobody likes the “do as I say, not as I do” approach, so if you’re going to talk about data protection in staff meetings and bulletins, you’ll need to be seen to be walking the walk too. Team leaders need to be setting a good example, so always take part in cyber security training programs with your staff, check twice before you click on any links and never, ever share your password (or leave it scribbled on a post-it note!)
4. Implement an Easy to Follow Policy

5. Make It a Key Part of all New Staff Inductions
5. Make It a Key Part of all New Staff Inductions
It’s much easier to instill good practice into new employees than to expect existing staff to adopt new ways of working (although that can be done, too!).
As soon as a new team member joins, make sure they’re clear on all your cyber security policies before giving them access to any of your data. This should be an integral part of any new induction program and you’ll need to get a signature confirming that all staff members understand their rights and responsibilities.
6. Make it Regular
7. Consider Offering Incentives
Free Phishing Security Test
Would your users fall for convincing phishing attacks? Take the first step now and find out before the bad guys do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

Here's how it works:
- Immediately start your test for up to 100 users (no need to talk to anyone)
- Select from 20+ languages and customise the phishing test template based on your environment
- Choose the landing page your users see after they click
- Show users which red flags they missed, or a 404 page
- Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
- See how your organisation compares to others in your industry