Why security matters for everyone
Data security sounds like something for the IT department. Yet most damage does not start with technology, it starts with people: a password shared too quickly, a wrong attachment, a lost laptop. In this module you will see why you, and every colleague, are an important link in protecting data.
- Why people are the most important link in data security
- What is at stake in a data breach: data, GDPR, and trust
- How your daily habits make the difference
The weakest and the strongest link
Research consistently points out that the vast majority of data breaches, an estimated 80 to 90 percent, involve human action.
Think of an email sent to the wrong person, a password that is reused, an attachment opened too quickly, or a USB stick that is lost. No firewall stops that.
People are often called the weakest link. But the opposite is just as true: an alert employee is the best defence. Good habits catch far more than any technical measure does.
What a data breach costs
A simple rule: no privacy without security. If personal data leaks, the privacy of those people is violated at that same moment. Security and privacy are not separate worlds; they are each other’s precondition.
When personal data ends up in the wrong hands, or is lost, we call it a personal data breach: a security breach where personal data is lost, altered, or ends up in the wrong hands. That can be a hack, but just as well a lost laptop or an email to the wrong recipient. The consequences reach further than the screen.
- Harm to people: customers or colleagues whose data leaks risk fraud, identity theft, or unwanted exposure.
- GDPR obligations: a serious breach must be reported within 72 hours to the supervisory authority (in the UK, the ICO). Inadequate security can lead to fines.
- Trust and reputation: customers and partners expect you to handle their data with care. One incident can damage that trust for years.
- Time and money: investigating, recovering, notifying everyone, and rebuilding systems takes days of work and often a hefty bill.
The GDPR requires every organisation to secure personal data appropriately. Working safely is therefore not only sensible, it is a legal obligation too.
Security is a habit, not a one-off action
Security is not a lock you turn once. It is in the choices you make every day: how you manage your passwords, with whom and how you share access, how you send data, and what you do when something goes wrong.
In the next modules we translate that into concrete habits:
- Strong accounts: passwords, 2FA, and passkeys.
- Access and systems: only what is needed, and everything up to date.
- Handling data safely: how you share, store, and clean up.
- When something goes wrong: spotting and reporting a breach quickly.
Phishing emails and scam messages are a topic in themselves. We touch on them briefly below, but for the real practice we point you to our separate “Recognising phishing” course.
A first situation
Throughout this course you will practise with realistic situations. Each time you choose what you would do, and afterwards you see why. Here is a first one, to set the tone.
What do you do?
Do not click, and verify the message yourself through a known channel. Urgency and a threat to block your account are classic phishing tricks: they want you to act before you think. A real bank will never ask you to confirm your details via an email button.
You can practise recognising messages like this thoroughly in our separate Recognising phishing course.
What you take away from module 1
- The vast majority of data breaches involve human action, not technology.
- People are the weakest link, but an alert employee is also the best defence.
- A data breach affects people, brings GDPR obligations, and damages trust, time, and money.
- The GDPR requires you to secure personal data appropriately.
- Security is a daily habit: accounts, access, sharing safely, and knowing what to do when something goes wrong.
Module 1 complete 🎉
You now know why security matters for everyone and what is at stake. In module 2 we start at the basics of every safe system: how you protect your accounts with strong passwords, 2FA, and passkeys.
On your way to your “Security awareness” certificate
Complete all 6 modules and pass the final exam (at least 70%) to receive a personal certificate of attendance in your name.