October 5: Cyber Responsibilities - We're All in This Together
While cyber security may sound complex and something just for 'the IT department', that couldn't be further from the truth. Cyber security is a shared responsibility, and every individual from the CEO down to the newest apprentice, plays a vital role in protection themselves and their broader digital ecosystem.
Your individual responsibilities include:
-
Practicing Good Cyber Hygiene: This is the foundation – using strong, unique passwords, enabling Multi-Factor Authentication (MFA), and being vigilant against phishing scams. These basic habits significantly reduce your personal risk.
-
Keeping Software Updated: Regularly installing updates for your operating systems, applications, and browsers patches known vulnerabilities that attackers exploit, this might include your phone.
-
Protecting Your Devices: Ensuring your personal devices (laptops, phones, tablets) are secured with passwords/biometrics and reputable antivirus software.
-
Being Mindful Online: Thinking before you click, sharing personal information judiciously on social media, and being aware of the risks of public Wi-Fi.
-
Reporting Suspicious Activity: If something looks or feels wrong, report it to your IT department (at work) or relevant authorities. Don't assume someone else will.
In an organisational context, your responsibilities expand to:
-
Adhering to Policies: Following your company's cyber security policies and procedures for data handling, acceptable use, and remote work.
-
Protecting Company Data: Treating company information, especially sensitive data, with the utmost care, regardless of where you are accessing it. If you are a data owner, you should use the correct system to protect the data, not unnecessarily share it, and only keep it for as long as necessary.
-
Participating in Training: Engaging with and applying the knowledge gained from cybersecurity awareness training programs. If you are a school or college, then the DfE Digital Standards require you to undertake cyber security training annually. An organisation has a responsibility to ensure that everyone in the organisation is cyber aware and knows what to do in a cyber attack: {article title="Help after a Cyber Attack/Incident"}[link][title][/link]{/article}
Every click, every download, and every piece of information you share online has security implications. When each person takes their cybersecurity responsibilities seriously, it strengthens the collective defence, making it harder for cybercriminals to succeed. You are an essential part of the "human firewall" that protects our digital world.
Training and awareness is the best way to ensure everyone in an organisation understands your cyber strategy. This should be continuous and not just once a year or when someone first starts in an organisation.
💡Today's Cyber Tip: Be Your Own Digital Guardian!
You are the first and most important line of defence for your personal cyber safety. Today, take ownership of your digital footprint. This means regularly checking your privacy settings, being vigilant against scams, and keeping your personal devices updated. Remember, cybersecurity isn't just IT's job; it's your responsibility too.
Ensure you understand what your cyber responsibilities are at work - do you know what to do with suspicious emails for example?
Further Guidance and Support:
Governance play a key role in Cyber Strategy, they should consider completing the Cyber Governance Code of Practice - Data Protection Education customers can complete the checklist on the Knowledge Bank Platform as part of their Compliance Reporting.
Review the DfE Leadership & Governance Standards - Data Protection Education customers have access to the tracker free of charge and can complete the tracker on the Knowledge Bank Platform as part of their Compliance Reporting.
DPE Knowledge Bank Guidance and Support:
For schools and colleges, six of the DfE Digital Standards are now mandatory. We have a DfE Digital Standards Tracker tool help you track your cyber resilience and your progress: 
Review our Cyber Security Best Practice Area for micro learning, support, guidance and policies:
Why not have a look at our 'specialist' trainer Harry the Hacker :