Cyber Security Awareness Training

Image of training at PAAC IT

Human error is consistently identified as the most significant cause of data breaches:

  • The ICO’s financial report of 2017/18 identified that four of the five leading causes of data breaches could be attributed to human error. These errors were really simple little things including sending data to the wrong recipient, loss or theft of paperwork, failure to redact data, failure to use blind copy when sending emails and unencrypted devices being lost or stolen;
  • Some 43% of global data breaches result from phishing emails – and humans clicking where they shouldn’t;
  • Experion exposed the personal information of 145 million people in the United States and more than 10 million UK citizens because the IT department failed to address a known software vulnerability despite the fact that they had been warned about it;
  • In August 2018, it appears that an employee at Strathmore secondary college accidentally published more than 300 students’ records on the school’s intranet.

It’s no surprise then, that the GDPR requires that your staff receive cyber security awareness training, on the GDPR and how to protect personal data. In fact the ICO’s data breach reporting form includes the question “Had the staff member involved in this breach received data protection training in the last two years?”


We offer a Cyber Security Awareness Training course for staff of small organisations. It’s often difficult to keep what can be a dry topic interesting and we have tried different techniques that seem to be working. The Directors of GTA Civils said “We have had very positive feedback from members of staff and the course was a real eye opener for them. All said that you managed to make very boring subject interesting.” They must have been impressed as we have just completed a refresher course.

Our course is conducted in a face to face environment and we encourage discussion throughout the course. By the end of the session, participants should

  • Understand the key elements of the GDPR;
  • Understand the risks posed to the business by cybercrime and data breaches;
  • Know how to protect themselves, their workstations and your business from cyber crime and data breaches; and
  • Where to go for help.

We have a standard course outline that we adapt for each organisation:

  • Our course kicks off with a discussion on why this is important to the participants – in no small measure because under the GDPR, fines and other enforcement actions can be levied against individuals. We use a series of recent enforcement actions from the ICO to make the scenarios and implications real.
  • The GDPR sections of the course cover the principle definitions of Personal Data, Controller, Processor and data breaches. We move on to look at the 6 principles and what they mean together with Subject Access Rights;
  • The main section of the course discusses:
    • Statistics on the likelihood of data breaches and the potential financial impact of a data breach;
    • The main causes of data breaches and how to protect against them – phishing, access controls, malware (including ransomware) and human error
  • The summary wraps up with best practices extracted from the throughout the course; and finally
  • Where to go for help.

More recently we have included “Martin the florist” our fictional Lego florist – we even have a little poem to introduce him. The story follows Martin as he sets up his business, builds his customer database and starts marketing to customers. It recognises that Martin can’t do everything on day one, but he can and does progressively increase his cyber security defences over time. We use a Lego castle, guards, spears and horses to bring the story to life.

Picture of Martin the Florist from PAAC IT

We would be delighted to run CSAT for your organisation – please call us on 01428 770 290 or click to send us a message.

About Us

We provide supportive leadership enabling our business community to succeed and prosper through effective use of IT and Technology. PAAC IT is an IT Company in Surrey offering small businesses the personal attention and care that their IT systems deserve. If your company has between 1 and 100 employees and need a IT Company in Surrey we would love to hear from you!

Find out more
"PAAC IT provide a managed service for our PCs on a fixed monthly charge. Really great, they are there when we need them"
Julia Macquisten - OwnerLucas Field Media
"PAAC-IT provide and maintain our Apple Macs and Macbook Pros. Richard and his team at PAAC IT are very prompt and responsive when we need help, and a pleasure to work with"
David Alden - DirectorAlden Holmes
"Our business is highly dependent on computer technology – all the way from design and creative software platforms to administration processes. PAAC-IT set up and configured our mix of PC and Apple computers, file servers and security software and now keep it running. The team at PAAC-IT is very competent and keep our IT running smoothly"
Edward Green - DirectorMilly Green
"I was having trouble making Skype calls to my son. Both Darren and Connor were extremely helpful and patient. They were so kind to get the computer in and out of the car for me - i couldn't have done this on my own as i am disabled"
Jane Nightingale
"On moving house we required help of PAAC to coordinate a tablet, PC and laptop with new security and email addresses and to ensure transfer of old contact details etc. Some of this work was undertaken by Darren in the Midhurst shop and some at our new address. Darren was professional and helpful with successful results. PAAC also followed up with care to ensure that all was well. "
A satisfied customer
"I have been dealing with PAAC IT, mostly in their Midhurst Office, but also in Haslemere, for the past three or four years. They clearly understand Macs and have given me good advice, and sorted out various issues for me. Things did go wrong with the network wireless adapters I had bought from them, but they were quick to ensure they were checked and replaced without a problem, and they followed up with me a month later to ensure all was OK. That’s good customer service!"
James Tree
"Dynamite, goes the extra yard every time, reliable and essential support to my business."
Lawrence MullenThe Talking Trade
"Good, dependable, brilliant, local"
Anneke Clegg
"I have been using the services of PAAC IT for over two years. During this time I have found the staff to be courteous, understanding, and very efficient. I have received first class service on each and every occasion – from keeping my ancient computer running, to advising and supplying a suitable replacement when it eventually crashed. All my transactions have been with the team in the Haslemere shop where Richard, Mark, Darren and Oliver have addressed my computer difficulties with great patience and kindness. To them I am eternally grateful."
Derek Smyth