Cyber Rebels

  • Mon - Fri : 9:00 -17:00
Neotech-icon-facebook-f Neotech-icon-twitter Neotech-icon-linkedin-in Neotech-icon-instagram
Cyber Rebels logo with padlock design.
Menu
0 £0.00

Have Any Questions?

Book A Call

Get In Touch
Apprentify Case Study Sep 2025
breacumb linear5
breacumb linear4

Apprentify Case Study Sep 2025

Cybersecurity training certificate in frame on table.

Beyond the Firewall: Safeguarding Learners in a Digital World Supporting Apprentify’s Development Coaches with Practical, Safeguarding-Led Cyber Awareness The Context For further education providers, professional development increasingly needs to reflect the realities staff face when working digitally, remotely, and with vulnerable learners. A message from a learner arrives outside normal hours, asking for help with […]

Beyond the Firewall: Safeguarding Learners in a Digital World

Supporting Apprentify’s Development Coaches with Practical, Safeguarding-Led Cyber Awareness

The Context

For further education providers, professional development increasingly needs to reflect the realities staff face when working digitally, remotely, and with vulnerable learners.

A message from a learner arrives outside normal hours, asking for help with something that feels urgent. It fits the relationship, it feels appropriate, and responding quickly feels like the right thing to do.

In that moment, the decision isn’t about cybersecurity. It’s whether to respond and support, or pause and question something that doesn’t feel obviously wrong.

The pressure isn’t explicit. It comes from responsibility, from familiarity, and from the expectation to respond quickly and keep support moving.

Apprentify reached out while exploring options for a remote CPD session for their Development Coaches. As a Designated Safeguarding Lead (DSL), the focus wasn’t simply on delivering generic cybersecurity awareness, but on understanding how modern online threats intersect with safeguarding responsibilities in an education setting.

They were looking for an external session that would feel relevant to the day-to-day reality of Development Coaches — something that reflected how decisions are actually made when working with learners, rather than abstract guidance or technical instruction.

The requirement was clear: a session that would support staff confidence, fit naturally within existing safeguarding responsibilities, and translate directly into better judgement and safer practice when working with learners online.

The Challenge

In education settings, cybersecurity rarely presents itself as a clear technical problem. It appears through everyday decisions made under pressure — often in the context of safeguarding, learner support, and remote working.

Development Coaches are trusted to communicate with learners across multiple platforms, handle personal data, and respond to concerns that may involve online behaviour. The challenge isn’t recognising that risk exists — it’s recognising when risk is present in situations that feel normal, appropriate, and aligned with the role.

In practice, risk doesn’t appear as something obviously suspicious. It shows up in messages, platform activity, and routine communication — moments where the priority is supporting the learner, not questioning the interaction.

Because these situations mirror expected behaviour, there’s often no clear signal to stop. Acting quickly makes sense. Responding feels appropriate. And that’s exactly where risk can sit.

Generic cybersecurity training often focuses on tools, policies, or worst-case scenarios. That approach doesn’t reflect the reality of an FE provider, where staff need to make calm, proportionate decisions that protect learners without disrupting support or eroding trust.

The core challenge for Apprentify was not a lack of awareness, but a lack of shared context: understanding how digital risks connect to safeguarding responsibilities, and how to respond confidently when something feels “not quite right” — without fear of getting it wrong or slowing down support.

Cybersecurity training certificate in frame on table.
Cyber security for learners in digital environments

Our Approach

The session was built around a simple idea: the risks staff face aren’t separate from safeguarding — they emerge from the same everyday decisions.

Rather than treating cyber risk as something technical, the focus was on how decisions play out in the working lives of Development Coaches. In practice, this meant exploring situations that already feel familiar — remote working, learner communication, sharing information — and looking at how risk can sit within those normal interactions.

Remote and home working were approached through the lens of responsibility rather than rules. Instead of focusing on settings or controls in isolation, the discussion centred on how everyday habits — device use, account separation, and online access — shape the level of protection around both staff and learner data.

The session also explored how trust is built and used in education environments. Development Coaches examined how publicly available information, routine communication, and established relationships can all make something feel legitimate — even when it isn’t. The focus wasn’t on spotting obvious threats, but on understanding why something can feel right in the moment.

Phishing and scams were approached in the same way. Rather than relying on lists of warning signs, the session focused on what happens when something doesn’t feel quite right — and how people decide whether to act, ignore, or pause and check. Particular attention was given to how early reporting changes outcomes, and how calm, visible escalation supports both staff and learners.

Safeguarding and cybersecurity were then brought together using the 4 C’s from KCSIE (Content, Contact, Conduct, Commerce), helping staff see how digital risks sit naturally within existing safeguarding responsibilities rather than alongside them.

Throughout the session, the emphasis remained on building confidence and shared understanding. Mistakes were treated as part of normal working life — not as failure points — creating space for open discussion, reflection, and better decision-making in real situations.

The Outcome

The most noticeable shift was in how situations were interpreted.

Before the session, many scenarios were judged based on whether they felt appropriate within a safeguarding context — whether the message, request, or interaction “looked right” given the relationship with the learner.

Afterwards, there was a clearer sense of when something needed to be paused and sense-checked — particularly in situations that felt routine, familiar, or well-intentioned.

The shift wasn’t towards spotting obvious threats. It was towards recognising when a decision carried risk — even when nothing appeared immediately wrong.

That change showed up in how people talked about situations.

Instead of:

“It seemed fine at the time”

there was more of:

“It made sense, but I wanted to double-check”

Cybersecurity stopped feeling like a separate technical responsibility and became part of everyday safeguarding judgement. Staff became more aware of how small decisions — responding quickly, sharing information, continuing a conversation — can carry implications beyond the immediate task.

Just as importantly, the session reinforced that mistakes are not where risk escalates — silence is.

By normalising reporting and discussion, it supported a culture where uncertainty can be shared early, and where both staff and learners feel more comfortable asking questions or raising concerns.

The result wasn’t a change in policy or process, but a change in how situations are approached — with more awareness of context, more confidence in pausing, and a clearer understanding that protecting staff and protecting learners are closely connected.

Client Feedback

“I found the Cyber Awareness session really engaging and relevant. The real-world examples and AI insights were especially useful, and I came away feeling more confident about cybersecurity.”

Sue Elms, Apprentify

Project Information

Client

Apprentify

Industry

Further Education & Training Provider

Audience

Development Coaches

Service

2hr Quick Cybersecurity Awareness Sessions

Delivery Method

Online via Teams

Director of Training and Development, Cyber Rebels. Andy Longhurst is the founder of Cyber Rebels and a cybersecurity practitioner and educator focused on how risk actually shows up in real organisations. His work sits at the intersection of digital safety, education, and practical risk management — helping teams understand not just what policies say, but what happens in the moments where decisions are made under pressure. With a background spanning adult education, web development, and technical consultancy, Andy specialises in translating complex security concepts into clear, usable understanding. Rather than focusing solely on tools or compliance frameworks, his approach centres on human behaviour, judgement, and the systems that shape everyday choices. He delivers live, interactive cyber awareness training for organisations of all sizes, from small businesses and education providers to public-sector teams and larger organisations operating in complex risk environments. Outside of delivery, Andy spends his time analysing emerging attack patterns, refining training design, and exploring how organisations can build resilience that holds up in the real world — usually with a strategically sized cup of tea close to hand.

Website
Case Studies

Cybersecurity Training in Practice

Previous
Next
Search

account

cart

  • Cyber Rebels
All category
Shopping cart close