As the winter months approach, construction sites face a fresh set of challenges. Shorter days, freezing temperatures, and unpredictable weather all create extra risks- both for workers and for productivity.
While it might feel like business as usual, cold weather can quickly turn routine tasks into hazards. Slippery walkways, reduced visibility, cold stress, and equipment issues all become real concerns. With some forward planning and the right precautions, though, it’s possible to keep your site safe, compliant, and running smoothly right through winter.
This blog outlines the main winter construction risks and gives practical advice on how to reduce them- based on HSE guidance and best practices from across the industry.
Why Construction Risks Increase in Winter
Working outdoors in winter brings extra physical and environmental challenges. Cold air reduces dexterity, slows reaction times, and can make manual handling more difficult. Frost, ice, and mud create unstable ground, and shorter daylight hours mean visibility often drops just when heavy machinery and vehicles are still in use.
The HSE classifies these as foreseeable hazards- meaning employers must plan and take action to protect workers. The goal isn’t just to avoid accidents, but to keep teams healthy, comfortable, and able to do their jobs safely.
1. Slips, Trips and Falls
One of the biggest winter hazards on site is the increase in slips, trips, and falls. Ice, frost, and mud build up quickly on access routes, scaffolding, and steps. These may not always be visible, especially early in the morning or late in the day.
How to reduce the risk:
- Grit and clear walkways regularly- particularly before shifts begin.
- Use slip-resistant footwear with good tread.
- Keep steps, ladders, and platforms free from ice, mud, and debris.
- Provide extra lighting in darker areas and high-traffic zones.
- Encourage workers to report hazards immediately.
Even small actions, like adding temporary barriers or warning signs, can make a big difference.

2. Cold Stress and Weather-Related Health Risks
Prolonged exposure to cold weather can affect both comfort and concentration. Conditions such as cold stress, hypothermia, and frostbite can occur if workers are not properly protected.
Preventative measures:
- Provide warm, sheltered areas for breaks and meals.
- Encourage frequent rest periods in very cold weather.
- Supply or recommend suitable PPE- thermal layers, waterproof clothing, gloves, and hats.
- Rotate outdoor tasks where possible to limit exposure.
- Ensure access to warm drinks and a place to dry wet clothing.
Remember: being cold or wet for long periods doesn’t just affect comfort- it impacts alertness, decision-making, and reaction time.

3. Reduced Visibility
With shorter daylight hours and darker mornings, poor visibility becomes a serious risk on construction sites. This increases the likelihood of collisions, especially where vehicles and pedestrians share space.
What to do:
- Review lighting across the site- add temporary floodlights in darker areas.
- Make sure workers wear high-visibility PPE, especially near vehicles or plant.
- Schedule high-risk tasks (such as lifting or vehicle movements) during daylight hours where possible.
- Keep lights clean and free from condensation or dirt to maintain brightness.
Good lighting is one of the simplest and most effective winter safety measures.

4. Machinery and Equipment Issues
Cold, damp weather can cause mechanical problems. Engines take longer to start, hydraulic systems stiffen, and batteries drain faster. Frozen ground can also affect the stability of machinery.
Best practice:
- Conduct daily checks on all vehicles and equipment.
- Keep machinery sheltered or covered overnight.
- Check brakes, tyres, and hydraulic systems before use.
- Allow extra time for equipment to warm up before operation.
- Ensure operators are trained to recognise weather-related faults.
If the weather turns severe, it’s always better to delay work than risk damage or injury.

5. Fatigue and Wellbeing
Winter isn’t just physically demanding- it can also impact mental wellbeing. Working long hours in cold, dark conditions can lead to tiredness, reduced motivation, and stress.
Support your team by:
- Encouraging regular breaks and hydration.
- Holding short safety briefings or “toolbox talks” to check in with workers.
- Keeping communication open- make sure everyone feels confident to raise issues.
- Reminding staff of any wellbeing or mental health support available.
A well-rested, supported team is far more likely to stay alert, safe, and productive.

6. Legal Responsibilities and Risk Assessment
Employers have a legal duty under the Health and Safety at Work Act and Workplace (Health, Safety and Welfare) Regulations to protect employees from risks- including those caused by cold weather.
While there’s no set minimum outdoor temperature, HSE guidance states that conditions must be “reasonable.” That means conducting a seasonal risk assessment to identify:
- Tasks most affected by cold or wet conditions.
- Areas prone to ice or poor drainage.
- Lighting and visibility issues.
- Suitability of PPE and welfare facilities.
These assessments should be updated as conditions change.

Practical Tips for Safer Winter Working
Here are some simple yet effective ways to improve winter safety across your site:
- Plan ahead – Review forecasts and plan work around severe weather.
- Update safety briefings – Include winter-specific hazards in toolbox talks.
- Check welfare facilities – Make sure workers have warm, dry spaces.
- Inspect and maintain equipment – Cold affects performance, so regular checks are vital.
- Encourage reporting – Create a culture where hazards are spotted and dealt with early.
- Adjust work schedule – Prioritise daylight hours and limit exposure during the coldest periods.
Promoting a Positive Safety Culture
Winter safety isn’t just about procedures- it’s about mindset. Encouraging workers to look out for each other helps prevent incidents before they happen.
Remind your team that reporting hazards, taking breaks, and wearing the right PPE aren’t signs of weakness- they’re part of working smart. A strong safety culture builds confidence and trust, helping everyone get home safely at the end of the day.
Final Thoughts
Winter weather will always bring extra challenges to construction sites, but with planning, awareness, and teamwork, these can be managed effectively.
By carrying out proper risk assessments, maintaining equipment, and supporting workers’ wellbeing, you can reduce incidents and keep projects running efficiently- no matter how cold it gets.
If you’d like tailored guidance on winter risk assessments, PPE selection, or site safety training, our team can help. We provide expert support to ensure your site stays compliant, safe, and ready for whatever winter brings.
Stay safe, stay warm, and keep safety at the heart of everything you do.
In the fast-paced and often high-pressure world of construction, the wellbeing of workers can too easily be overlooked. Long hours, physically demanding labour, tight deadlines, and financial insecurity can all take a heavy toll and, when combined, these pressures can push people into crisis.
That's why we are taking the opportunity to shine a spotlight on The Lighthouse Construction Industry Charity, the only organisation 100% dedicated to supporting the construction community across the UK and Ireland.
Their mission is simple yet powerful: to ensure that no construction worker or their family ever feels alone in a crisis. Through free, confidential, and round-the-clock emotional, physical, and financial wellbeing support, they are transforming lives across the industry one call, one site visit, one conversation at a time.
Origins and Mission
The Lighthouse Charity traces its roots back to 1956, when a group of construction professionals attending a Ministry of Public Buildings & Works exhibition in Whitley Bay pledged to create a beacon for those in need within the industry.
Today, that vision has evolved into a modern, multi-faceted charity that provides free and confidential support across three core pillars: emotional, physical, and financial wellbeing.
What Lighthouse Does: Services & Programmes
Lighthouse’s support is built to be holistic and accessible, meeting people wherever they are- on the phone, online, or on site. Here’s a breakdown of their principal services and programmes:
1. 24/7 Helpline
- A free confidential helpline that operates 24/7 across the UK (0345 605 1956) and ROI (1800 939 122).
- Offers support to anyone working in construction or the trades- whether it's help with stress, debt, illness, relationship breakdowns, or suicidal thoughts. Trained advisers are always ready to listen, reassure, and help.
2. Digital Support
- Live chat support, accessible via the website, allowing people to initiate conversations in real time. The chat service supports over 120 languages.
- Text HARDHAT: for those who prefer messaging, they can send “HARDHAT” to 85258 (UK) or 50808 (ROI) to receive one-to-one support.
- A Self-Support App, which includes self-help tools, assessments, coping strategies, and referral pathways to accredited organisations.

3. Critical Incident Support Team
- When tragedy strikes on site, the charity’s critical incident support team is there to respond- offering trauma-informed support to anyone affected by serious accidents or fatalities.
- They offer psychological first aid, group support, individual counselling, and follow-up in line with NHS or clinical guidelines.
- In 2024 alone, the team supported more than 1,000 people following critical incidents, helping them process trauma and begin recovery.
4. Lighthouse Beacons and On-Site Presence
- Lighthouse Beacons are local volunteer hubs across the UK & Ireland. These are safe, face-to-face spaces for people to connect, share, and support one another.
- #MakeItVisible On-Site Campaign: A team visits construction sites, hire yards, merchants, and other industry locations to raise awareness, break the stigma around mental health, and ensure workers know what support is available.
- By going on sites, Lighthouse makes itself visible and accessible- not waiting for people to come to them.

5. Financial & Welfare Support
Because wellbeing is more than mental health, Lighthouse also supports:
- Emergency financial grants for workers and families facing crisis (illness, injury, unemployment, bereavement)
- Advice and support on tax, debt, benefit entitlements, budgeting, CIS, legal concerns, employment rights, etc
- Support in accessing third-party and statutory funding, ensuring caseworkers help people navigate complex systems to relieve pressure.
Measurable Impact
The charity’s 2024 Impact Report tells a story of growth, compassion, and measurable change. Over the past year, more workers have reached out for help- with a 29% increase in support requests, resulting in 5,696 families receiving vital assistance.
In total, Lighthouse delivered over £5 million in charitable support, handled more than 11,000 helpline calls, and delivered 5,761 counselling and mentoring sessions. They delivered 5,684 family meals and engaged 28,070 site operatives.
Behind each number is a story of hope- a tradesman overcoming addiction, a joiner’s family rebuilding life after a stroke, a survivor of domestic abuse finding safety and confidence, or a worker finally breaking free from isolation. The Lighthouse Charity doesn't just respond to crises; it restores dignity, stability, and belief in a better tomorrow.
#MakeItVisible: Breaking the Silence on Site
Mental health stigma remains one of construction’s biggest challenges- but Lighthouse is changing that, one site at a time.
Through the #MakeItVisible On Site campaign, dedicated teams travel across the UK & Ireland, visiting construction sites, hire yards, and offices to start open conversations about wellbeing. In 2024, they visited 574 sites and engaged directly with over 28,000 workers.
These visits save lives. Last year, 88 workers disclosed suicidal thoughts to the team- and each one was immediately connected to professional support and follow-up care.
Team members often share their own lived experiences, making these sessions relatable and authentic. As one industry partner put it:
“The #MakeItVisible tour is incredible. It's honest, down to earth, and full of real-life experiences that people can truly relate to.”

Wellbeing Academy
Beyond crisis intervention, Lighthouse is helping to reshape construction’s culture through education. The Wellbeing Academy offers free and subsidised training to help individuals and organisations build resilience and awareness.
In 2024 alone, more than 4,700 learners completed courses. Topics range from Mental Health First Aid, Suicide Awareness, and Managing Mental Health in the Workplace, to Menopause Awareness, Resilience Building, and Financial Wellbeing.
These programmes empower workers to look out for one another, foster empathy, and create safer, more supportive environments across all levels of the industry.

Why Lighthouse Matters
Construction is an inherently risky sector. It's demanding, unpredictable, and often isolating. Many workers face short-term contracts, long commutes, or financial instability. Add to this the physical toll of labour and the cultural stigma around seeking help- and the result can be devastating.
Lighthouse breaks through these barriers. It offers a hand when pride, fear, or lack of access might otherwise stop someone reaching out. It reminds us that asking for help is not a weakness, but a strength.
As Sarah Bolton, CEO of the Lighthouse Charity, explains:
“Emotional, physical, and financial wellbeing are intrinsically linked- and we’re here to help our community build healthy, sustainable futures.”
How the Industry Can Support
Lighthouse receives no government funding- every helpline call, counselling session, or rescue is made possible by donations, partnerships, and fundraising within the industry.
Here’s how companies and individuals can help:
- Become a Lighthouse Company Supporter- pledge annual support and gain access to free wellbeing training and campaign materials.
- Promote awareness- share helpline details at inductions, toolbox talks, and staff areas.
- Host #MakeItVisible visits- invite the team to your sites and projects.
- Fundraise- organise events, challenges, or Lighthouse Days.
- Champion wellbeing- talk openly, lead by example, and embed support in your culture.

Help is Here
If you or someone you know works in construction and is struggling, remember- help is here.
- UK Helpline: 0345 605 1956
- ROI Helpline: 1800 939 122
- Text HARDHAT: 85258 (UK) / 50808 (ROI)
- Live Chat: lighthouseclub.org | makeitvisible.info
Together, we can build a safer, stronger, and more compassionate construction industry- one where no worker ever has to face a crisis alone.

Time for a recap of our busy week during Fife Business Week! The Raeburn Training team took part in a range of events across the region- gaining insights, building connections, and sharing our own experiences with others in the local business community. Here's what we got up to:
Monday
Forth Green Freeport Event
Sarah Raeburn attended the Forth Ports Forth Green Freeport event- a major long-term project right on our doorstep. It was insightful to hear about the investment, upcoming skills needs, and future job opportunities this project will bring to the region.

Tuesday
Trade Show Selling Workshop
Sarah Huxter took part in a practical Trade Show Selling workshop. It was a great refresher on best practices for exhibiting at trade fairs and will stand us in good stead for the events we have planned in 2026.
Wednesday
Know Your Network
Derek attended the Know Your Network event in Dunfermline. It proved to be an excellent opportunity to connect with employability partners and engage with clients we support across Fife.
Thursday
Meet the Buyer
Sarah Huxter and Erin set up at the Fife Meet the Buyer event- always a valuable opportunity to catch up with Fife-based businesses and build new connections.

Guest Speaker
Sarah Raeburn was also in attendance as a guest speaker for the Fife Build Project talk. It was great to reflect on the initiative, share the benefits it has provided, and discuss the role it has played in our business growth.
We hope the session encouraged more companies to get involved- and it was brilliant collaborating with Calforth and Gus Laing. Best of luck to the 2026 cohort.

Friday
Neurodiversity in the Workplace
To round off the week, Sarah Huxter attended a session on Neurodiversity in the Workplace. The insights were extremely valuable, both from an employer perspective and as a training provider, and will help strengthen the support and additional provision we offer.
As we mark Stress Awareness Week, it's worth remembering that work-related stress isn't just a "wellbeing matter"- it's a legal health and safety risk. According to the Health and Safety Executive, employers must assess and act on the causes of workplace stress.
With nearly 776,000 workers reporting stress, depression, or anxiety linked to work in 2023/24, and 16.4 million working days lost as a result, it's clear that even small preventative steps can make a big difference.
Here are five practical actions every team can take this week:
- Reach out- start the conversation about stress
- Recognise- identify causes and signs of stress
- Respond- agree on actions and make changes
- Reflect- review what's working and what's not
- Make it Routine- embed prevention into everyday practices
If you're leading or managing a team, we'd encourage you to review your current stress risk assessment, use the Working Minds "Talking Toolkit," and take a moment in your next meeting to discuss how you're supporting your people.
Together we can make our workplaces healthier, more resilient, and compliant with our duty of care.
We are delighted to deliver our first Women in Construction Academy in partnership with East Lothian Works and Balfour Beatty.
This is our first academy designed specifically to support women entering the industry- an important step towards improving representation and creating accessible pathways into construction careers.
Over the course of the week, delegates will complete a full programme of introductory construction training, gaining essential health & safety knowledge, practical skills, and the confidence to take their next steps. The programme includes key qualifications such as Manual Handling, Working at Height, Fire Awareness and Abrasive Wheels, alongside support for their CSCS preparation.
A huge well done to everyone who is taking part- we're incredibly proud to play a role in opening doors for more women joining the industry.
Thank you to East Lothian Council and Balfour Beatty for their collaboration and commitment throughout the programme. We look forward to delivering more women-focused academies in the future.
Welcome to the final part of our Cyber Security Awareness Month series!
So far, we've explored why cybersecurity matters and the type of threats that can impact your business. In this final blog, we'll focus on the most important part- how to stay safe online and protect your people, data, and reputation.
Just as workplace health and safety depends on good habits and awareness, digital safety relies on everyday actions. The goal isn't to eliminate all risk (that's impossible), but to build resilience, so your organisation can prevent, detect, and recover from incidents effectively.
The 5Cs of Cybersecurity
A practical way to strengthen your organisation's cyber resilience is to follow the 5Cs of Cybersecurity- a simple framework that covers the foundations of good cyber hygiene:
- Control
- Compliance
- Confidentiality
- Continuity
- Capacity
Let's explore what each one means in real terms.
Control
Just like in physical safety, control is about knowing who can access what. Not everyone in your organisation needs access to every system or file.
Implementing role-based access ensures that staff only see the data relevant to their job. Combine this with:
- Strong password policies (encouraging unique, complex passwords).
- Multi-factor authentication (MFA) to add an extra layer of protection.
- Regular access reviews to remove inactive or outdated accounts.
Control also means setting up technical barriers- like firewalls and endpoint protection- to reduce unauthorised access.
Remember: prevention starts with limiting opportunity.
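The access review and role-based access described above, as an added Python example that is not part of the original post: it reads an account export and flags active accounts that are inactive, have never been used, or lack MFA. The export format, the role map, the 90-day threshold and all names are assumptions made for illustration.

```python
import csv
import io
from datetime import date, datetime

# Constructed account export. The column names are assumptions for this
# example, not the format of any particular directory or HR system.
SAMPLE_EXPORT = """username,role,last_login,mfa_enabled,status
a.smith,finance,2025-10-20,yes,active
b.jones,trainer,2025-03-02,yes,active
c.brown,admin,2025-10-28,no,active
d.leaver,trainer,2024-11-15,no,active
e.white,admin,2025-10-27,yes,active
svc-backup,admin,,no,active
f.gone,finance,2025-01-10,yes,disabled
"""

# Hypothetical role map: each role lists only the data its job needs.
ROLE_ACCESS = {
    "finance": {"payroll", "invoices"},
    "trainer": {"learner_records", "course_materials"},
    "admin": {"user_management", "system_settings"},
}
PRIVILEGED_ROLES = {"admin"}


def can_access(role, resource):
    """Default deny: unknown roles and unlisted resources get no access."""
    return resource in ROLE_ACCESS.get(role, set())


def review_accounts(export_text, today, inactive_after_days=90):
    """Return one finding per active account that needs attention."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["status"].strip().lower() != "active":
            continue  # already disabled, nothing left to remove
        role = row["role"].strip()
        issues = []

        last_login = row["last_login"].strip()
        if not last_login:
            issues.append("never logged in")
        else:
            last = datetime.strptime(last_login, "%Y-%m-%d").date()
            idle_days = (today - last).days
            if idle_days > inactive_after_days:
                issues.append(f"inactive for {idle_days} days")

        if row["mfa_enabled"].strip().lower() != "yes":
            if role in PRIVILEGED_ROLES:
                issues.append("privileged account without MFA")
            else:
                issues.append("MFA not enabled")

        if role not in ROLE_ACCESS:
            issues.append(f"role '{role}' is not in the role map")

        if issues:
            findings.append(
                {"username": row["username"], "role": role, "issues": issues}
            )
    return findings


if __name__ == "__main__":
    # Fixed review date so the constructed sample gives the same result each run.
    for finding in review_accounts(SAMPLE_EXPORT, date(2025, 10, 31)):
        print(f"{finding['username']:<12} {finding['role']:<8} "
              + "; ".join(finding["issues"]))
    print("trainer -> payroll allowed?", can_access("trainer", "payroll"))
```

Each flagged account is a prompt for a decision by its owner or manager (disable, enrol in MFA, or confirm it is still needed), not an automatic deletion.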
Compliance
Cybersecurity isn't just good practice; it's a legal requirement.
Under the UK GDPR and Data Protection Act 2018, organisations must take "appropriate technical and organisational measures" to protect personal data.
Compliance also builds trust with customers and partners. It shows that your organisation takes data protection seriously and follows recognised best practices.
To stay compliant:
- Review your data protection policies regularly.
- Carry out risk assessments and document your controls.
- Train staff on handling personal information responsibly.
- Follow guidance from the National Cyber Security Centre (NCSC) and Information Commissioner’s Office (ICO).
Compliance doesn’t just protect you from fines- it protects your reputation.
Confidentiality
Confidentiality ensures that data is only accessed by authorised people.
Breaches of confidentiality can happen in many ways- from phishing attacks to misplaced laptops.
To protect your data:
- Encrypt sensitive files and communications.
- Use secure platforms for file sharing and storage.
- Encourage a “need-to-know” approach to information access.
- Train staff to recognise phishing and fake login pages.
Simple habits make a big difference: locking screens when away from desks, shredding printed documents, and verifying requests before sharing information.
When confidentiality is compromised, trust is broken. Safeguarding information is key to maintaining confidence with your clients, learners, and staff.
Continuity
Even with strong defences, no system is 100% secure. That’s why continuity planning is essential.
It’s about ensuring your business can keep operating- or recover quickly- if something goes wrong.
Ask yourself:
- Do you have regular backups stored securely (ideally off-site or in the cloud)?
- Have you tested your incident response plan?
- Would staff know who to contact and what to do if systems were compromised?
- Are you insured or financially prepared for disruption?
Having backups and a clear plan means you can bounce back faster and limit the impact on customers. Continuity is the bridge between prevention and recovery.
Capacity
The final “C” is all about people.
Even with the best technology, your organisation is only as strong as the awareness of your team. Human error remains the biggest cause of cyber incidents.
Building capacity means:
- Providing regular cyber awareness training.
- Encouraging staff to report suspicious activity early.
- Creating a no-blame culture- mistakes happen, but quick reporting prevents bigger problems.
- Staying up to date with the latest scams and guidance from trusted sources like the NCSC.
Empowered staff are the best protection against cyber threats.
Good Cyber Hygiene: Simple Steps to Stay Safe Online
Cybersecurity doesn’t have to be complicated. Many of the best defences come down to good digital habits:
- Use strong, unique passwords- and never reuse them. Consider a password manager.
- Enable multi-factor authentication (MFA) on all important accounts.
- Keep systems and software updated- patches fix known security weaknesses.
- Back up data regularly- to a secure, separate location.
- Be cautious with links and attachments- stop, think, verify before clicking.
- Secure your Wi-Fi- use strong passwords and avoid public networks for sensitive tasks.
- Limit personal device use on business networks.
- Monitor access and review who has permissions to sensitive systems.
These may sound simple, but collectively they reduce your risk significantly.
Building a Culture of Cyber Awareness
Creating a cyber-secure workplace is not just about policies- it’s about culture. Everyone should feel responsible for keeping information safe.
Here’s how to embed that culture:
- Start conversations about digital safety in team meetings.
- Celebrate good practice- acknowledge staff who spot phishing attempts.
- Include cybersecurity in induction and refresher training.
- Encourage openness- if something goes wrong, reporting it quickly helps the whole team.
Just like health and safety, cybersecurity should be part of daily behaviour, not an afterthought.
The Bigger Picture
Cybersecurity isn’t just about avoiding fines or preventing downtime- it’s about trust, resilience, and professionalism.
In the same way that workplace safety protects people from harm, cybersecurity protects the data, systems, and relationships that keep your business running.
By following the 5Cs of Cybersecurity, practising good hygiene, and fostering a culture of awareness, you can protect your organisation from today’s most common digital threats- and build resilience for whatever comes next.
We're absolutely delighted to share that Raeburn Training has been named Small Business of the Year at The Courier Business Awards 2025!
This incredible recognition highlights our team’s continued hard work, innovation, and commitment to excellence. We couldn’t be prouder of how far we’ve come and of the dedication shown by every member of our team. It’s been six years of steady growth, challenges, and achievements- and moments like this remind us just how much can be accomplished through teamwork and determination.
We were also thrilled to be finalists in the Growth Award category, which means a great deal to us. Being recognised not only for what we’ve achieved so far, but also for our ongoing development and ambition, makes this award even more special.
A huge thank you goes out to our fantastic team, our loyal customers, and the event organisers for celebrating and supporting local business success across the region.
We’re excited for what the future holds as we continue to grow, collaborate, and make a positive impact in the industries and communities we serve. Here’s to many more milestones ahead!

We turned the office pink for a great cause!
Our team joined in for #wearitpink, supporting Breast Cancer Now.
We wore pink, baked pink, played the Big Pink Quiz, and raised money to support breast cancer awareness and research.



A huge thank you to everyone who got involved and donated!
Welcome back to our Cyber Security Awareness Month series! In our first blog, we explored why cybersecurity is crucial for every business, from legal obligations to real-world incidents in the UK. Now that we understand why cybersecurity matters, it’s time to focus on what we’re protecting against: the various cyber threats that can impact organisations like yours.
Cyber threats are evolving constantly. They don’t just affect big tech companies- they target businesses of all sizes, including small enterprises, charities, and financial institutions. Understanding the types of threats, where they appear, and how they work is the first step in staying safe.
Common Cyber Threats Explained
1. Phishing
Phishing is one of the most common and effective cyberattacks. Attackers send emails, text messages, or social media messages that appear to come from legitimate sources, like banks, suppliers, or government agencies. The goal is to trick recipients into sharing sensitive information, such as login credentials, bank details, or personal data.
Example: An employer receives an email that looks like it's from HMRC, warning of overdue taxes, and asking them to log in via a link. Clicking the link and entering login details gives the attacker access to the organisation's systems.
Red flags: urgent language, unexpected attachments, suspicious links, poor grammar, or unfamiliar sender addresses.
2. Malware
Malware, short for “malicious software,” is software designed to harm, disrupt, or spy on computers and networks. There are many types of malware:
- Viruses- replicate themselves and infect files or programs.
- Trojans- disguise themselves as legitimate software but carry a harmful payload.
- Spyware- secretly monitors activity, like keystrokes or browsing habits.
Malware can be delivered through email attachments, downloads, or infected websites. Once installed, it can slow systems, steal data, or provide remote access to attackers.
3. Ransomware
Ransomware is a type of malware that locks files or systems until a ransom is paid, usually in cryptocurrency. As we saw in Blog 1, ransomware can cripple organisations, cause lost revenue, and damage trust.
UK examples:
- In 2023, Royal Mail’s operations were disrupted for weeks after a LockBit ransomware attack, costing the company an estimated £10 million.
- In 2025, Marks & Spencer faced a ransomware incident affecting online orders and click-and-collect, with estimated losses of £300 million.
Even if you don't pay the ransom, the downtime and recovery costs alone can be devastating.
4. Data Breaches
A data breach occurs when sensitive information is accessed or disclosed without permission. This could be personal data, financial records, or internal company information. Breaches can happen due to hacking, human error, or lost devices.
Example: In 2024, a Scottish nursery suffered a data breach after employees were tricked by phishing emails, exposing children’s and parents’ personal information.
Data breaches can lead to reputational damage, regulatory fines, and loss of client trust. For training providers, safeguarding learner and staff information is critical.
5. Social Engineering
Social engineering exploits human psychology rather than technical vulnerabilities. Attackers manipulate people into revealing information or performing actions that compromise security.
Examples include:
- Impersonating a senior manager and requesting a bank transfer.
- Convincing staff to install software or click malicious links.
The most common tools are emails, phone calls, or in-person tactics. Social engineering often works hand-in-hand with phishing or malware attacks.
6. Insider Threats
Not all cyber threats come from outside. Insider threats originate from employees, contractors, or partners. These threats may be intentional (malicious insiders stealing data) or accidental (staff clicking a phishing link or misconfiguring a system).
Example: a staff member accidentally uploads sensitive learner records to a shared public folder. Even though no hacker was involved, the data is now exposed.
7. Supply Chain Attacks
Supply chain attacks occur when attackers compromise third-party vendors or service providers to gain access to their clients. This is increasingly common as businesses rely on multiple external services.
Example: The Marks & Spencer ransomware attack in 2025 began through a third-party contractor, highlighting the need to assess and secure not just your systems but also those of your suppliers.
Where You Might Encounter These Threats
Understanding where threats might appear can help you recognise and prevent them. Common attack vectors include:
- Email inboxes: Phishing emails and malware attachments are most common.
- Public Wi-Fi: Unsecured networks can expose sensitive data during transmission.
- Third-party software: Vendors or cloud services may be exploited to access your systems.
- Devices: Laptops, USB drives, or personal devices can be infected if not properly secured.
- Social media: Scammers may impersonate colleagues or companies to extract information.
Cybercriminals look for the weakest link, which is often human behaviour, so awareness and vigilance are key.
The Real Impacts of Cyber Threats
Even a single incident can have significant operational, financial, and reputational consequences:
- Operational: Systems can be shut down, causing delays, missed deadlines, or service interruptions.
- Financial: Recovery costs, fines, and lost revenue can quickly escalate, as shown by Royal Mail (£10 million) and M&S (£300 million).
- Reputational: Customers and partners may lose trust, impacting long-term relationships.
- Regulatory: Non-compliance with GDPR or industry standards can result in penalties and investigations.
Cyber security isn't just an IT issue- it affects every aspect of business operations. For training providers and other service-based organisations, protecting learner, staff, and client data is as important as safeguarding physical health and safety.
How to Stay Alert
Knowing the threats is only the first step. You also need to recognise warning signs and act promptly:
- Emails or messages that demand urgent action or seem unusual.
- Unexpected attachments or links in messages.
- Requests for sensitive information from unknown or suspicious sources.
- Software prompts or pop-ups asking for admin access without explanation.
- Unusual system behaviour, like slow performance or unexpected shutdowns.
Practical steps:
- Verify senders before responding to unexpected messages.
- Hover over links to check URLs before clicking.
- Report suspicious emails or activity to IT or your security contact.
- Keep software updated and use antivirus programs.
- Educate your staff and colleagues regularly- humans are your first line of defence.
Preparing Your Organisation
Cyber threats are inevitable, but preparation makes a huge difference. By understanding the types of threats and knowing how to spot them, businesses can:
- Minimise the risk of breaches.
- Reduce the impact of successful attacks.
- Protect sensitive data and maintain trust with clients and learners.
Remember, cybersecurity is not just a technical challenge; it's part of a safety culture, similar to fire drills or first aid. Awareness, vigilance, and training are critical to building resilience.
Looking Ahead
In our next blog, we’ll focus on practical steps to protect your organisation. We’ll introduce the 5 Cs of Cybersecurity, explore good cyber hygiene, and provide tips for building strong defences.
By combining awareness of threats (Blog 2) with understanding why security matters (Blog 1), you’ll be better equipped to keep your systems, staff, and learners safe.
October marks Cyber Security Awareness Month, a time to reflect on how much our work and personal lives depend on digital systems- and how vital it is to keep them secure.
To raise awareness of cyber security, we're launching a three-part blog series to help you understand the importance of cybersecurity, recognise common threats, and take practical steps to stay safe online.
Just as we train teams to recognise physical hazards in the workplace, we must also learn to identify and prevent digital risks. Cyber threats don't just target big tech companies- they can affect any business, large or small, especially those that rely on online systems, email, or digital data.
The Growing Importance of Cyber Security
In 2025, digital safety is no longer optional. Every business holds sensitive information. Whether it's client details, training records, or financial data, that information is valuable to cybercriminals.
According to the UK Government’s 2025 Cyber Security Breaches Survey, 43% of UK businesses experienced some form of cyberattack or data breach in the past year. That figure rises to over 70% for medium-sized organisations. The most common threats include phishing emails, ransomware, and unauthorised access- many of which begin with a simple human mistake.
While this shows progress compared to previous years, it highlights a key truth: cyberattacks remain one of the most consistent risks to UK businesses.
Real-World Consequences
Cybersecurity breaches aren't just technical incidents- they have real-world impacts that affect operations, finances, and customer trust.
In April 2025, Marks & Spencer (M&S) suffered a ransomware attack, which affected online orders, app services, and click-and-collect operations. Hackers gained access via a third-party contractor using social engineering tactics, including SIM swapping. M&S did not pay a ransom, but the attack caused weeks of operational disruption, empty shelves in some stores, and delayed service restoration. The company estimated the financial impact at around £300 million, and personal customer data such as names, contact details, and order histories were accessed.
In late 2024, a Scottish nursery was hit by a cyber incident that exposed sensitive information belonging to children, parents, and staff. Hackers gained unauthorised access to the nursery’s internal systems after staff members were targeted with phishing emails, tricking them into revealing their login credentials. The breach resulted in the leak of personal details including names, addresses, emergency contacts, and in some cases, health or allergy information.
Legal Obligations and Accountability
Cyber security isn't just best practice- it’s a legal obligation. Under the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018, businesses must take “appropriate technical and organisational measures” to protect personal data.
That means ensuring information is processed securely, access is controlled, and staff are trained to handle data responsibly. A failure to do so can lead to financial penalties and lasting reputational harm.
The National Cyber Security Centre (NCSC) also recommends following core cybersecurity design principles, such as understanding your context, making compromise difficult, and planning for incident response. These steps don’t just satisfy compliance- they strengthen your overall resilience.
The Human Factor
Technology alone can't solve the problem. The majority of breaches stem from human error- clicking a suspicious link, sharing login details, or failing to update software. That's why awareness is your first line of defence.
Just as you train staff to spot trip hazards or follow safety procedures, cyber awareness training helps teams identify warning signs, handle data responsibly, and react appropriately when something seems suspicious.
Encouraging open communication is also key. Employees should feel comfortable reporting mistakes or concerns without fear- because quick reporting can prevent a small issue from becoming a major breach.
What to Expect from this Series
This post sets the scene for our Cyber Security Awareness Month blog series. Over the coming weeks, we'll be diving deeper into:
- Recognising Cyber Threats- We'll look at the most common types of attacks, from phishing and ransomware to insider threats, and how to spot them early.
- Building Cyber Resilience- We'll share best practices, including the 5Cs of Cyber security, and practical tips for creating safer digital habits.
Our aim is simple: to make cybersecurity understandable, approachable, and part of your everyday safety culture.
Final Thoughts
At Raeburn Training, we believe safety is holistic. Whether it’s protecting people from physical harm or safeguarding sensitive data from digital threats, awareness and prevention go hand in hand.
By understanding why cybersecurity matters- and taking responsibility for it- every organisation can create a safer, more secure future.




