Toolkit

Cybersecurity and Data Protection

The Cybersecurity and Data Protection toolkit, developed by the British High Commission Pretoria and the South African Department for Communications Digital Technology, contains free open licence tools, templates and guides that equip small businesses with the foundational training materials and resources they need to increase their cybersecurity resilience and become compliant with the POPI Act.

Who should use this toolkit?

Anyone working at a hub who would like to increase their knowledge on cybersecurity and data protection to protect their personal and organisational data and work.

Hub facilitators looking to train up SMMEs on cybersecurity and data protection – core trainings required for any digitally-enabled business.

Anyone looking for free and easy-to-use resources and tools to protect their business or personal information and systems.

Cybersecurity toolkit

There are six cybersecurity toolboxes comprising introductory learning content and a collection of accessible and free digital tools and downloadable guides that you and your entrepreneurs can use to assess and protect personal and organisational data and information.

Know what you have

Start by taking an inventory of your devices and accounts to identify risks and discover which items need to be secured.

Update your defences

Keep your systems updated to boost your digital immunity against threats such as viruses and spyware.

Beyond simple passwords

Strengthen your passwords and use multifactor authentication to protect your devices and accounts.

Prevent phishing and malware

Protect your systems from malware and phishing attacks, which are common and very expensive for small businesses.

Backup and recover

Backup your data and files regularly to safeguard your work should you fall victim to a cyberattack.

Protect your email and reputation

Ensure your brand name and email address are not used by others pretending to be you.

Exercise in a Box

This tool helps hubs and entrepreneurs test and practice their response to a cyberattack. It’s completely free and you don’t have to be an expert to use it.

Data Protection toolkit

These resources have been developed for South African small businesses to align with the Protection of Personal Information (POPI) Act, and include process documentation and policy templates. Start by downloading and reading our POPI Toolkit Guidance document.

Opt-out form

This form can be used by SMMEs to keep record of data subjects that do not want their personal information used.

(

43 KB

KB)

Opt-in form

This form can be used by SMMEs to gain direct marketing opt-in permission from the data subject.

(

25 KB

KB)

Privacy and information security risk register template

This register can be used by SMMEs to outline that records identified privacy and information security risks.

(

19 KB

KB)

Information security policy template

This policy can be used by SMMEs to outline how personal information collected by the entrepreneur will be secured and protected.

(

36 KB

KB)

Records of processing activities template

This template can be used by SMMEs to keep a record of all business activities concerning personal data.

(

366 KB

KB)

Sensitive information policy template

This policy can be used by SMMEs as a guide when determining what personal information can be shared with third parties.

(

34 KB

KB)

Records of destruction template

This template can be used by SMMEs to record all personal information records that are destroyed.

(

95 KB

KB)

Retention policy template

This policy can be used by SMMEs to guide the retention and destruction practices of personal information.

(

70 KB

KB)

Information asset register template

This register can be used by SMMEs as a repository of information assets.

(

19 KB

KB)

Breach notification letter template

This letter can be used by SMMEs to communicate with data users in the event of a security breach.

(

32 KB

KB)

Data privacy policy template

This template can be used by SMMEs to outline the scope of the information that will be collected and kept safe.

(

40 KB

KB)

Acceptable use policy template

This template can be used by SMMEs to describe which conditions a user must agree to in order to gain access to a corporate network or use company-owned devices.

(

46 KB

KB)

Privacy notice statement template

This template can be used by SMMEs to assist in creating a privacy notice to share with data subjects to request their consent.

(

140 KB

KB)

POPI Act checklist

This checklist can be shared with SMMEs, and summarises all eight conditions included in the POPI Act.

(

232 KB

KB)

POPI Toolkit Guide

This guide introduces the POPI Act and all elements of the toolkit, which can be shared with SMMEs or drawn on for a hub’s operations and data management.

(

1909 KB

KB)

All resources for this toolkit

31 resources

Explainer videos

No explainer videos found

Core toolkit resources

No resources found