Thursday, 7 May 2026
The risks businesses face aren’t always technical. They stem from busy days, quick decisions and things slipping through the cracks.
We’re all juggling priorities, moving quickly and trying to get things done.
The importance of handling information carefully was first drilled into me during my time working in police communications, where managing sensitive and personal data was critical.
In that environment, one principle always stood out: prevention starts with awareness.
When we hear ‘cyber security’, it’s easy to imagine complex systems, specialist software or something handled entirely by IT.
But it’s far simpler, and much closer to everyday behaviour.
Most issues come down to routine habits. Clicking a link without checking, sending information to the wrong person, reusing passwords, or storing data without clear processes.
It’s often where the problems start.
Increasingly, small businesses, particularly on our high streets, are becoming easy targets because of this.
I’ve been exploring this more through cyber security and data protection workshops I’ve been delivering for We Are UMi, as part of the Digital Knowledge Exchange programme.
In these sessions we break things down into three areas.
Mistakes (acting too quickly), oversights (gaps in processes or responsibility) and habits (behaviours we do automatically without thinking).
The focus in on helping people recognise these patterns early and changing them before they become a problem.
My approach isn’t technical or legal. It’s rooted in communication and awareness.
It’s about translating something that can feel complex into clear, practical guidance that fits into everyday business life.
Because when people understand why something matters, they are far more likely to act on it.
The most effective changes aren’t complicated. Pausing to sense-check an email, double-checking where information is being sent, using stronger, more secure passwords, and being more aware of how and where data is stored (including the information we’re increasingly sharing with AI tools).
Simple, consistent habits that reduce risk over time.
In my experience, crisis communication often comes into play when something has already gone wrong. But the real value lies in prevention. Giving people the awareness and confidence to act before it becomes an issue.
If you’re running a business support programme or you’re a business owner looking for a practical, jargon-free approach to cyber security and data protection from a communication perspective, I’d be happy to chat.