The NCSC releases new training for small organisations, charities and the voluntary sector

NEW GUIDANCE: With 38% of micro and small organisations experiencing a Cyber Security breach in the last 12 months, and with the average cost of those being over £8K, the NCSC has released new training for small organisations and charities.

Most small organisations do not have an IT department, or technical staff responsible for cyber security. And with so much cyber security advice out there, it can be difficult for small organisations to know where to start.

This is where the NCSC's new training for small organisations and charities can help. It guides you through all the actions you need to take to reduce the likelihood of you becoming a victim of the most common cyber attacks.


The training demonstrates how you can improve your organisation’s resilience, and covers five key areas:


1. Backing up your organisation's data correctly


2. Protecting your organisation against malware


3. Keeping the devices used by your employees secure


4. The importance of creating strong passwords


5. Defending your organisation against phishing


The training will put your staff in the driving seat. They will be answering questions, identifying possible issues, and making suggestions for how to prevent, and tackle common cyber security challenges.

The training is primarily aimed at SMEs, charities and the voluntary sector, but can be applied to any organisation, regardless of size or sector. It's been deliberately designed for a non-technical audience (who may have little or no knowledge of cyber security), with tips that complement any existing policies and procedures.


How to use the training

There are two options for using the e-learning package:


  • The first (and easiest) way is to direct your staff to the Cyber security for small organisations page, which is hosted on the NCSC website. The package is free to use, and includes knowledge checks. No login is required - just click on the link and start learning.

  • The other way is to integrate the package into your own organisation's training platform. You can do this by downloading the following zip file, which contains the package as a SCORM-compliant file. We have also created an API version as an alternative to help users who have been unable to use SCORM.


Once imported into your own LMS system, you can tweak the package to suit your needs as the content is covered by the Open Government Licence.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the South East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the South East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for the South East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the South East is not responsible for the content of external internet sites that link to this site or which are linked from it.