Clients are increasingly savvy about cyber security. With some careful planning, you can use Cyber Security Awareness Month to help you convince potential clients that you’re the right supplier for them!

Held in October, it’s the ideal time to raise awareness of your commitment to safeguarding your systems and client data.

To do the topic justice, you need to start planning your activities now.

Ask your team to think of a good topic for a blog. Perhaps you’re been recently certified or re-certified to ISO27001, IASME or Cyber Essentials? If so, you can prepare a blog explaining how your certification benefits your clients. Don’t forget to ask clients for testimonials (or check your Google reviews for suitable entries). If you’d like to include a comment from us, please email Please allow a week for us to turn this around for you.

Think about activities you can run during the month, such as group training, a team meeting, a phishing simulation or a mini audit. Our resources sheet will help you find the resources you need to carry these out successfully.

Work your way through your IT policies, highlighting the most important information. Turn this into a bitesized video, using free software like Biteable and then test your employees’ understanding using an online quiz. Including statistics, such as those found in the Cyber Security Breaches Survey, will help all employees realise what a vital role they play in protecting your business (and their positions).

With a little forethought, you can easily develop a month’s worth of social media content which will help both clients and employees understand the importance of your cyber security precautions. For example:


Week one: focus on training & certification (ISO 27001, IASME or Cyber Essentials)

  • Mark the start of Cyber Security Awareness Month with free online training (e.g. from the National Cyber Security Centre) and/or a virtual team meeting over Zoom. If your colleagues are motivated by food, include a team lunch (this could be delivered to remote workers via Justeat or Deliveroo). Encourage staff to watch a bitesized video relating to a cyber security topic, e.g. how to handle confidential data or how to spot a phishing attempt. Post about these activities on social media.
  • Blog about any recent certifications or re-certifications to ISO27001, IASME or Cyber Essentials. Promote your blog on your social media channels. Don’t forget to link to an awards page on your website which carries more information, if you have one. Not certified? Why not make a public commitment to getting certified this year?


Week two: focus on phishing and recycling

  • Run a phishing simulation (prices from 12p per day via Risk Evolves). Post about the risks of phishing on social media, including statistics.
  • Post photos of your old tech (laptops/mobiles/tablets) and explain how they are securely recycled. Some charities will recycle old tech for free, for example, our local Air Ambulance.


Week three: client focus

  • Release a blog explaining how your cyber security policies/procedures benefit your clients. Link to relevant case studies. Promote the blog on social media.
  • Join your local Cyber Resilience Centre (see below) and share the news on social media. Invite other companies to join.


Week four: celebrate your team

  • Release your cyber security quiz. Post about it on social media.
  • Recognise employees as cyber security heroes. Profile them on social media and give them a certificate, award or fun prize. Don’t just pick someone from your IT team, cyber security is a shared responsibility. This is a great opportunity to make cyber security feel relevant for everyone.


Every week
Make a conscious effort to share relevant posts. You can be part of the action on Twitter @CyberSecMonth. Don’t forget to use #CyberSecMonth on LinkedIn too. We’ll be posting regularly, but you may also like to look out for content from your local Cyber Resilience Centre (see below) and the National Cyber Security Centre.


Cyber Resilience Centres

The following centres are now open. Core membership is free:

The West Midlands Cyber Resilience Centre

The Cyber Resilience Centre for the East Midlands

The Cyber Resilience Centre for Greater Manchester

The Cyber Resilience Centre for the South East

The Business Resilience Centre for the North East


Our MD, Helen Barge, represents the needs of SMEs as part of the West Midlands Cyber Resilience Centre’s Advisory Group.

Centres in Wales, the South West and the East are coming soon. Sign up for our newsletter for notifications about these centres and other cyber security, risk management and GDPR news.


Promotion Power Pack

Our Promotion Power Pack offers ten ways to boost awareness of your certifications. From web copy to email footers, PowerPoints to proposals, it’ll help you make the most of your achievement. You’ll be automatically supplied with a copy before your next re-certification audit. Can’t wait? Email today to request your copy.