Staff training & security culture

Does your team know what to do when something feels wrong?

A trained, alert team is a better defence than most tools.

Questions to ask yourself

When did we last do security training?
Does a new joiner get a security briefing on day 1?
Do we run any simulated phishing or tabletop exercises?
Is there a one-click way to report something dodgy?
Do we celebrate the people who report things?

What you can do today

Build a security culture in three steps

Three things.

01Roll out the free NCSC Top Tips for Staff.
02Run one tabletop exercise a year using NCSC Exercise in a Box.
03Make reporting easy and praise the people who do it — even on false alarms.

« Previous All topicsLast »