5 reasons why employees are the secret to SME cyber-security

Senior Support Analyst

Fav thing about the office

Cheesecake Wednesdays

As a child I wanted to be a ... when I grew up


Guilty Pleasure(s)

Gu Puds

Favourite Holiday

2 weeks in Florida

If I had a superpower it would be...

Definitely flying

Describe yourself in three words or less

Lots of Energy

An interesting fact about me

I was once the South Ribble Chess Champion.


Exercise, Muay Thai, Singin' in the rain

Favourite Band

Its not about the artist its about the style

Karaoke Jam

Vengabus- Vengaboys

What I do at Q2Q:

I head up the IT support team.

On a daily basis I work on resolving IT issues for our clients. My skill set tends to adapt according to the current needs of our customers, from solving basic matters like fixing a printer through to more complex server infrastructure deployment. I am also often out on site visiting customers that are in need of an IT saviour.

Within the team, I work on the proposals for new and existing customers, and ensure we all work together to implement the solutions we propose.

I enjoy overseeing new projects so that, when clients evolve, we can ensure their growth, office move and/or induction of a new team member, is as seamless as possible from an IT perspective.

I also drive the rest of the team insane with my singing!

Background and Achievements

I joined the Q2Q team when they were part of the I.T. department for the Tulchan Group 14+ years ago. This was my first full-time role straight of out A-levels. I have enjoyed being part of the company and watching it grow from 3 members of staff to a blossoming 10.

I find it hard to pin point specific achievements as one of my values personally is to always exceed your own expectations. My wife would say being a great Dad to my two boys.

A great achievement for me is getting 76 miles to the gallon on the motorway and being able to finally grow stubble.

Hobbies and Interests

I aim to train in Muay Thai twice a week and religiously go to the gym every day I can.

I can juggle and have always wanted to learn knife throwing.

We’ve said it before in this blog and we’ll no doubt say it again – employees who are not trained and briefed properly on how to safeguard systems and data are the weakest link when it comes to cyber-security.

You can install high-grade IT measures to ward off attacks and repel the most sophisticated of malware, but if your staff don’t know their responsibilities, you are very vulnerable to a data leak.

Something as simple as a laptop left on a train could lead to serious problems that a business of any size could struggle to recover from – especially given huge new penalties under GDPR. The time and expense involved in training often puts off busy companies who operate to tight margins – but the investment is very small when set against the possible consequences of ignoring this important area.

A survey last autumn claimed the cost of cyber-crime in the UK had risen by 19% that year, and totalled £6.4 million – much of which could have been saved, had employees been better-equipped to minimise risks.

It was also revealed that 55% of workers could not remember receiving specific cyber-security training. Yet, of those who had been briefed, 70% felt it improved their ability to recognise and react to threats.

The good news is that employees are interested in cyber security and want to learn how to protect their employers’ interests and customers’ personal information.

So, what are you waiting for? Get that training organised! Do you need further persuasion? Here are five good reasons – based on National Cyber Security Centre advice – why employees are your lifeline in staying safe digitally:

  1. Computers can only do so much

    There is no question about it. Staff need to have appropriate awareness, knowledge and skills to uphold the security of their employer’s network and information systems. IT measures to prevent data breaches do their bit – but so must the humans!

  2. Knowledge is power

    Security awareness training is definitely not ‘one size fits all’. To be properly effective, it should be tailored to reflect the way people really work – including on their own devices, where this is applicable. Owners and managers need to be clued up so that they can make sure everyone who works for them is also on board with a positive security culture.

  3. You can grow your own experts

    Given that your employees are probably interested and enthusiastic about this subject – especially thanks to all the publicity around GDPR – with the right training, you can make them experts in what they need to do within their own job role. Be people-focused in your approach, selective about what you expect them to remember and provide regular updates and refreshers.

  4. It’s good to talk

    These outcomes are best achieved when employers and staff talk often about network and information system security, and how it relates to people’s jobs. Have you thought about creating and promoting a long-term security vision that everyone can buy into?

  5. Great security can be a real selling point

    Finally, why keep your efforts behind the scenes? Letting your customers and clients know just how seriously your people take the security of their data will fill them with confidence and may even be a key selling point.  Developing a positive security culture may take time – and potentially years to become fully established – but it’s worth it, on so many levels.

Need some advice on cyber-security training? Get in touch with Q2Q today to see how we can help you achieve that positive security culture.

5 reasons why employees are the secret to SME cyber-security