Cyber Safety PortalEnglish | Français

Cyber security guidance

Practical advice to help protect accounts, devices, websites, networks and digital services.

For individuals

Use a password manager, turn on multi-factor authentication, update devices, and pause before clicking links in emails, text messages or ads. Most personal cyber attacks start with pressure: a fake delivery, a prize, a banking warning, a support call or a request to move money quickly.

For small and medium businesses

Start with email security, cloud account controls, staff training, secure payment workflows and tested backups. Keep a written incident contact list so your team knows who can disconnect devices, call vendors, contact banks and communicate with customers.

For large organizations and infrastructure

Map critical services, identify crown-jewel systems, test recovery times, monitor exposed assets and review supplier access. Segment networks where possible and ensure privileged accounts are protected with strong authentication and logging.

For public and democratic institutions

Protect public-facing services with secure configuration, vulnerability management, accessibility-friendly incident communication and clear escalation routes. Teams should rehearse cyber incidents before high-traffic periods and important public events.

For education and research

Schools, colleges and research teams should protect student data, research files and staff accounts. Provide short, repeatable awareness lessons and make it easy for users to report suspicious messages without fear.

Basic cyber safety checklist

AreaRecommended action
AccountsUse MFA and unique passwords for every important account.
DevicesInstall updates and remove apps that are no longer needed.
DataKeep offline or cloud backups and test recovery.
PeopleTrain staff to identify phishing, scams and urgent payment fraud.
ResponseCreate a simple contact list and incident decision process.