Raeburn Training

In the fast-paced and often high-pressure world of construction, the wellbeing of workers can too easily be overlooked. Long hours, physically demanding labour, tight deadlines, and financial insecurity can all take a heavy toll and, when combined, these pressures can push people into crisis.  

That's why we are taking the opportunity to shine a spotlight on The Lighthouse Construction Industry Charity, the only organisation 100% dedicated to supporting the construction community across the UK and Ireland.  

Their mission is simple yet powerful: to ensure that no construction worker or their family ever feels alone in a crisis. Through free, confidential, and round-the-clock emotional, physical, and financial wellbeing support, they are transforming lives across the industry one call, one site visit, one conversation at a time.  

Origins and Mission

The Lighthouse Charity traces its roots back to 1956, when a group of construction professionals attending a Ministry of Public Buildings & Works exhibition in Whitley Bay pledged to create a beacon for those in need within the industry.

Today, that vision has evolved into a modern, multi-faceted charity that provides free and confidential support across three core pillars: emotional, physical, and financial wellbeing.

What Lighthouse Does: Services & Programmes

Lighthouse’s support is built to be holistic and accessible, meeting people wherever they are- on the phone, online, or on site. Here’s a breakdown of their principal services and programmes:

1. 24/7 Helpline

    2. Digital Support

    3. Critical Incident Support Team

    4. Lighthouse Beacons and On-Site Presence

    5. Financial & Welfare Support

    Because wellbeing is more than mental health, Lighthouse also supports: 

    Measurable Impact

    The charity’s 2024 Impact Report tells a story of growth, compassion, and measurable change. Over the past year, more workers have reached out for help- with a 29% increase in support requests, resulting in 5,696 families receiving vital assistance.  

    In total, Lighthouse delivered over £5 million in charitable support, handled more than 11,000 helpline calls, and delivered 5,761 counselling and mentoring sessions. They delivered 5,684 family meals and engaged 28,070 site operatives. 

    Behind each number is a story of hope- a tradesman overcoming addiction, a joiner’s family rebuilding life after a stroke, a survivor of domestic abuse finding safety and confidence, or a worker finally breaking free from isolation. The Lighthouse Charity doesn't just respond to crises; it restores dignity, stability, and belief in a better tomorrow. 

    #MakeItVisible: Breaking the Silence on Site 

    Mental health stigma remains one of construction’s biggest challenges- but Lighthouse is changing that, one site at a time. 

    Through the #MakeItVisible On Site campaign, dedicated teams travel across the UK & Ireland, visiting construction sites, hire yards, and offices to start open conversations about wellbeing. In 2024, they visited 574 sites and engaged directly with over 28,000 workers. 

    These visits save lives. Last year, 88 workers disclosed suicidal thoughts to the team- and each one was immediately connected to professional support and follow-up care. 

    Team members often share their own lived experiences, making these sessions relatable and authentic. As one industry partner put it: 

    “The #MakeItVisible tour is incredible. Its honest, down to earth, and full of real- life experiences that people can truly relate to.” 

    Wellbeing Academy

    Beyond crisis intervention, Lighthouse is helping to reshape construction’s culture through education. The Wellbeing Academy offers free and subsided training to help individuals and organisations build resilience and awareness. 

    In 2024 alone, more than 4,700 learners completed courses. Topics range from Mental Health First Aid, Suicide Awareness, and Managing Mental Health in the Workplace, to Menopause Awareness, Resilience Building, and Financial Wellbeing. 

    These programmes empower workers to look out for one another, foster empathy, and create safer, more supportive environments across and levels of the industry. 

    Why Lighthouse Matters

    Construction is an inherently risky sector. Its demanding, unpredictable, and often isolating. Many workers face short-term contracts, long commutes, or financial instability. Add to this the physical toll of labour and the cultural stigma around seeking help- and the result can be devastating.  

    Lighthouse breaks through these barriers. It offers a hand when pride, fear, or lack of access might otherwise stop someone reaching out. It reminds us that asking for help is not a weakness, but a strength. 

    As Sarah Bolton, CEO of the Lighthouse Charity, explains: 

    “Emotional, physical, and financial wellbeing are intrinsically linked- and we’re here to help our community build healthy, sustainable futures.” 

    How the Industry Can Support

    Lighthouse receives no government funding- every helpline call, counselling session, or rescue is made possible by donations, partnerships, and fundraising within the industry. 

    Here’s how companies and individuals can help: 

    Help is Here

    If you or someone you know works in construction and is struggling, remember- help is here. 

    Together, we can build a safer, stronger, and more compassionate construction industry- one where no worker ever has to face a crisis alone. 

    Welcome to the final part of our Cyber Security Awareness Month series!

    So far, we've explored why cybersecurity matters and the type of threats that can impact your business. In this final blog, we'll focus on the most important part- how to stay safe online and protect your people, data, and reputation.

    Just as workplace health and safety depends on good habits and awareness, digital safety relies on everyday actions. The goal isnt to eliminate all risk (thats impossible), but to build resilience, so your organisation can prevent, detect, and recover from incidents effectively.

    The 5Cs of Cybersecurity

    A practical way to strengthen your organisation's cyber resilience is to follow the 5Cs of Cybersecurity- a simple framework that covers the foundations of good cyber hygiene:

    1. Control
    2. Compliance
    3. Confidentiality
    4. Continuity
    5. Capacity

    Lets explore what each one means in real terms.

    Control

    Just like in physical safety, control is about knowing who can access what. Not everyone in your organisation needs to every system or file.

    Implementing role-based access ensures that staff only see the data relevant to their job. Combine this with:

    Remember: prevention starts with limiting opportunity.

    Compliance

    Cybersecurity isnt just good practice; its a legal requirement.

    Under the UK GDPR and Data Protection Act 2018, organisations must take "appropriate technical and organisation measures" to protect personal data.

    Compliance also builds trust with customers and partners. It shows that your organisation takes data protection seriously and follows recognised best practices.

    To stay compliant:

    Compliance doesn’t just protect you from fines- it protects your reputation.

    Confidentiality

    Confidentiality ensures that data is only accessed by authorised people.
    Breaches of confidentiality can happen in many ways- from phishing attacks to misplaced laptops.

    To protect your data:

    Simple habits make a big difference: locking screens when away from desks, shredding printed documents, and verifying requests before sharing information.

    When confidentiality is compromised, trust is broken. Safeguarding information is key to maintaining confidence with your clients, learners, and staff.

    Continuity

    Even with strong defences, no system is 100% secure. That’s why continuity planning is essential.
    It’s about ensuring your business can keep operating- or recover quickly- if something goes wrong.

    Ask yourself:

    Having backups and a clear plan means you can bounce back faster and limit the impact on customers. Continuity is the bridge between prevention and recovery.

    Capacity

    The final “C” is all about people.
    Even with the best technology, your organisation is only as strong as the awareness of your team. Human error remains the biggest cause of cyber incidents.

    Building capacity means:

    Empowered staff are the best protection against cyber threats.

    Good Cyber Hygiene: Simple Steps to Stay Safe Online

    Cybersecurity doesn’t have to be complicated. Many of the best defences come down to good digital habits:

    These may sound simple, but collectively they reduce your risk significantly.

    Building a Culture of Cyber Awareness

    Creating a cyber-secure workplace is not just about policies- it’s about culture. Everyone should feel responsible for keeping information safe.

    Here’s how to embed that culture:

    Just like health and safety, cybersecurity should be part of daily behaviour, not an afterthought.

    The Bigger Picture

    Cybersecurity isn’t just about avoiding fines or preventing downtime- it’s about trust, resilience, and professionalism.
    In the same way that workplace safety protects people from harm, cybersecurity protects the data, systems, and relationships that keep your business running.

    By following the 5Cs of Cybersecurity, practising good hygiene, and fostering a culture of awareness, you can protect your organisation from today’s most common digital threats- and build resilience for whatever comes next.

    We're absolutely delighted to share that Raeburn Training has been named Small Business of the Year at The Courier Business Awards 2025!

    This incredible recognition highlights our team’s continued hard work, innovation, and commitment to excellence. We couldn’t be prouder of how far we’ve come and of the dedication shown by every member of our team. It’s been six years of steady growth, challenges, and achievements- and moments like this remind us just how much can be accomplished through teamwork and determination.

    We were also thrilled to be finalists in the Growth Award category, which means a great deal to us. Being recognised not only for what we’ve achieved so far, but also for our ongoing development and ambition, makes this award even more special.

    A huge thank you goes out to our fantastic team, our loyal customers, and the event organisers for celebrating and supporting local business success across the region.

    We’re excited for what the future holds as we continue to grow, collaborate, and make a positive impact in the industries and communities we serve. Here’s to many more milestones ahead!

    We turned the office pink for a great cause!

    Our team joined in for #wearitpink, supporting Breast Cancer Now.

    We wore pink, baked pink, played the Big Pink Quiz, and raised money to support breast cancer awareness and research.

    A huge thank you to everyone who got involved and donated!

    Welcome back to our Cyber Security Awareness Month series! In our first blog, we explored why cybersecurity is crucial for every business, from legal obligations to real-world incidents in the UK. Now that we understand why cybersecurity matters, it’s time to focus on what we’re protecting against: the various cyber threats that can impact organisations like yours. 

    Cyber threats are evolving constantly. They don’t just affect big tech companies- they target businesses of all sizes, including small enterprises, charities, and financial institutions. Understanding the types of threats, where they appear, and how they work is the first step in staying safe. 

    Common Cyber Threats Explained

    1.Phishing

        Phishing is one of the most common and effective cyberattacks. Attackers send emails, text messages, or social media messages that appear to come from legitimate sources, like banks, suppliers, or government agencies. The goal is to trick recipients into sharing sensitive information, such as login credentials, bank details, or personal data. 

        Example: An employer receives an email that looks like it's from HMRC, warning of overdue taxes, and asking them to log in via a link. Clicking the link and entering login details gives the attacker access to the organisation's systems. 

        Red flags: urgent language, unexpected attachments, suspicious links, poor grammar, or unfamiliar sender addresses. 

        2. Malware

        Malware, short for “malicious software,” is software designed to harm, disrupt, or spy on computers and networks. There are many types of malware: 

        Malware can be delivered through email attachments, downloads, or infected websites. Once installed, it can slow systems, steal data, or provide remote access to attackers. 

        3. Ransomware

        Ransomware is a type of malware that locks files or systems until a ransom is paid, usually in cryptocurrency. As we saw in Blog 1, ransomware can cripple organisations, cause lost revenue, and damage trust. 

        UK examples: 

        Even if you don't pay the ransom, the downtime and recovering costs alone can be devastating.  

        4. Data Breaches

        A data breach occurs when sensitive information is accessed or disclosed without permission. This could be personal data, financial records, or internal company information. Breaches can happen due to hacking, human error, or lost devices. 

        Example: In 2024, a Scottish nursery suffered a data breach after employees were tricked by phishing emails, exposing children’s and parent’s personal information. 

        Data breaches can lead to reputational damage, regulatory fines, and loss of client trust. For training providers, safeguarding learner and staff information is critical. 

        5. Social Engineering

        Social engineering exploits human psychology rather than technical vulnerabilities. Attackers manipulate people into revealing information or performing actions that compromise security.  

        Examples include: 

        The most common tools are emails, phone calls, or in-person tactics. Social engineering often works hand-in-hand with phishing or malware attacks. 

        6. Insider Threats 

          Not all cyber threats come from outside. Insider threats originate from employees, contractors, or partners. These threats may be intentional (malicious insiders stealing data) or accidental (staff clicking a phishing link or misconfiguring a system). 

          Example: a staff member accidentally uploads sensitive learner records to a shared public folder. Even though no hacker was involved, the data is now exposed. 

          7. Supply Chain Attacks

          Supply chain attacks occur when attackers compromise third-party vendors or service providers to gain access to their clients. This is increasingly common as businesses rely on multiple external services. 

          Example: The Marks & Spencer's ransomware attack in 2025 began through a third-party contractor, highlighting the need to assess and secure not just your systems but also those of your suppliers. 

          Where You Might Encounter These Threats

          Understanding where threats might appear can help you recognise and prevent them. Common attacks vectors include: 

          Cybercriminals look for the weakest link, which is often human behaviour, so awareness and vigilance are key. 

          The Real Impacts of Cyber Threats

          Even a single incident can have significant operational, financial, and reputational consequences: 

          Cyber security isn't just an IT issue- it affects every aspect of business operations. For training providers and other service-based organisations, protecting learner, staff, and client data is as important as safeguarding physical health and safety. 

          How to Stay Alert

          Knowing the threats is only the first step. You also need to recognise warning signs and act promptly: 

          Practical steps: 

          1. Verify senders before responding to unexpected messages. 
          2. Hover over links to check URLs before clicking. 
          3. Report suspicious emails or activity to IT or your security contact. 
          4. Keep software updated and use antivirus programs. 
          5. Educate your staff and colleagues regularly- humans are your first line of defence. 

                  Preparing Your Organisation

                  Cyber threats are inevitable, but preparation makes a huge difference. By understanding the types of threats and knowing how to spot them, businesses can: 

                  Remember, cybersecurity is not just a technical challenge; it's part of a safety culture, similar to fire drills or first aid. Awareness, vigilance, and training are critical to building resilience. 

                  Looking Ahead

                  In our next blog, we’ll focus on practical steps to protect your organisation. Well introduce the 5 Cs of Cybersecurity, explore good cyber hygiene, and provide tips for building strong defences. 

                  By combining awareness of threats (Blog 2) with understanding why security matters (Blog 1), you’ll be better equipped to keep your systems, staff, and learners safe. 

                  October marks Cyber Security Awareness Month, a time to reflect on how much our work and personal lives depend on digital systems- and how vital it is to keep them secure. 

                  To raise awareness of cyber security, were launching a three-part blog series to help you understand the importance of cybersecurity, recognise common threats, and take practical steps to stay safe online. 

                  Just as we train teams to recognise physical hazards in the workplace, we must also learn to identify and prevent digital risks. Cyber threats don't just target big tech companies- they can affect any business, large or small, especially those that rely on online systems, email, or digital data. 

                  The Growing Importance of Cyber Security

                  In 2025, digital safety is no longer optional. Every business holds sensitive information. Whether its client details, training records, or financial data, that information is valuable to cybercriminals. 

                  According to the UK Government’s 2025 Cyber Security Breaches Survey, 43% of UK businesses experienced some form of cyberattack or data breach in the past tear. That figure rises to over 70% for medium-sized organisations. The most common threats include phishing emails, ransomware, and unauthorised access- many of which begin with a simple human mistake. 

                  While this shows progress compared to previous years, it highlights a key truth: cyberattacks remain one of the most consistent risks to UK businesses. 

                  Real- World Consequences

                  Cybersecurity breaches aren't just technical incidents- they have real-world impacts that affect operations, finances, and customer trust.  

                  In April 2025, Marks & Spencer (M&S) suffered a ransomware attack, which affected online orders, app services, and click-and-collect operations. Hackers gained access via a third-party contractor using social engineering tactics, including SIM swapping. M&S did not pay a ransom, but the attack caused weeks of operational disruption, empty shelves in some stores, and delayed service restoration. The company estimated the financial impact at around £300 million, and personal customer data such as names, contact details, and order histories were accessed. 

                  In late 2024, a Scottish nursery was hit by a cyber incident that exposed sensitive information belonging to children, parents, and staff. Hackers gained unauthorised access to the nursery’s internal systems after staff members were targeted with phishing emails, tricking them into revealing their login credentials. The breach resulted in the leak of personal details including names, addresses, emergency contacts, and in some cases, health or allergy information. 

                  Legal Obligations and Accountability 

                  Cyber security isn't just best practice- it’s a legal obligation. Under the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018, businesses must take “appropriate technical and organisational measures” to protect personal data. 

                  That means ensuring information is processed securely, access is controlled, and staff are trained to handle data responsibly. A failure to do so can lead to financial penalties and lasting reputational harm. 

                  The National Cyber Security Centre (NCSC) also recommends following core cybersecurity design principles, such as understanding your context, making compromise difficult, and planning for incident response. These steps don’t just satisfy compliance- they strengthen your overall resilience. 

                  The Human Factor 

                  Technology alone can't solve the problem. The majority of breaches stem from human error- clicking a suspicious link, sharing login details, or failing to update software. That's why awareness is your first line of defence. 

                  Just as you train staff to spot trip hazards or follow safety procedures, cyber awareness training helps teams identify warning signs, handle data responsibly, and react appropriately when something seems suspicious. 

                  Encouraging open communication is also key. Employees should feel comfortable reporting mistakes or concerns without fear- because quick reporting can prevent a small issue from becoming a major breach. 

                  What to Expect from this Series 

                  This post sets the scene for our Cyber Security Awareness Month blog series. Over the coming weeks, we'll be diving deeper into: 

                  Our aim is simple: to make cybersecurity understandable, approachable, and part of your everyday safety culture. 

                  Final Thoughts 

                  At Raeburn Training, we believe safety is holistic. Whether it’s protecting people from physical harm or safeguarding sensitive data from digital threats, awareness and prevention go hand in hand. 

                  By understanding why cybersecurity matters- and taking responsibility for it- every organisation can create a safer, more secure future. 

                  Today is #WorldMentalHealthDay. Work and every day life can be mentally challenging. It’s a day to reflect on how we can support ourselves and those around us. Let’s make mental health a priority, together.

                  If you have ever attended a first aid training course, chances are you’ve met Little Anne- the world’s most famous training mannequin. She has helped millions of people across the globe learn the lifesaving skills of cardiopulmonary resuscitation (CPR), and her story is just as fascinating as her purpose. 

                  The Birth of Resusci Anne 

                  Resusci Anne was first created in 1960 by the Norwegian toymaker Åsmund Laerdal in collaboration with Dr. Bjørn Lind and Dr. Peter Safar, often referred to as the “father of modern CPR.” Laerdal was inspired after saving his young son from drowning and recognised the need for a safe, realistic way to practice emergency resuscitation techniques. 

                  Anne became the answer. Her lifelike design allowed trainees to rehearse chest compressions and rescue breaths in a way that no other tool at the time could replicate. She quickly became a standard fixture in first aid classrooms worldwide. 

                  Why Resusci Anne Matters 

                  The genius of Resusci Anne lies in her realism and accessibility. Trainees can: 

                  The muscle memory created during training with Anne helps bystanders react faster and more effectively. 

                  A Face with a Story 

                  One of the most striking details about Anne is her face. It is said to have been modelled after the “L’Inconnue de la Seine” – an unidentified young woman pulled from the River Seine in Paris in the 19th century. Her serene expression became a symbol of mystery and beauty, and over time, her likeness evolved into the face of the world’s most important training dummy. 

                  Still Saving Lives Today 

                  Over 60 years later, Resusci Anne is still at the heart of CPR training. Modern versions now include: 

                  Thanks to Resusci Anne, countless lives have been saved by ordinary people who found themselves in extraordinary situations. Her legacy continues every time someone steps forward to learn CPR- and that someone could be you.

                  If you fancy meeting Anne for yourself and learning these vital lifesaving skills, why not join our next Emergency First Aid at Work course? You'll get hands-on experience with the world's most famous training mannequin, expert guidance from our instructors, and the confidence to act when every second counts.

                  Book your place here

                  The Health and Safety Executive (HSE) recently issued updated guidance on the importance of controlling hazardous substances in the workplace. These reminders are especially relevant to the construction industry, where workers are often exposed to harmful dust, fumes, chemicals, and solvents.

                  Complying with the Control of Substances Hazardous to Health (COSHH) regulations is not only a legal duty but also a vital part of safeguarding employees' long-term health and ensuring a safe, productive workplace.

                  What is COSHH?

                  COSHH stands for the Control of Substances Hazardous to Health. These UK regulations require employers to control substances that could be harmful to health, including:

                  Exposure to these substances can lead to a range of health problems, from skin conditions and asthma to repiratory diseases and even cancer.

                  In construction, common examples include:

                  Why COSHH Matters?

                  Failure to comply with COSHH can have severe consequences:

                  A recent HSE case illustrates this risk: a chemical company was fined £100,000 after a worker suffered severe burns from a faulty steam hose. Inadequate maintenance and poor safety measures were to blame- highlighting why COSHH compliance is non-negotiable.

                  Employer Responsibilities Under COSHH

                  Employers must take a structured approach to managing hazardous substances. This includes:

                  1. Risk Assessment- Identify hazardous substances, understand how exposure happens, and evaluate the risks.
                  2. Control Measures- Eliminate hazardous substances where possible- or substitute with safer alternatives. Use engineering controls (e.g., local exhuast ventiliation) and provide safe storage solutions.
                  3. PPE- Where risks cannot be controlled otherwise, supply appropriate Personal Protective Equipment such as masks, gloves, and goggles.
                  4. Training & Information- Ensure workers know the risks, understand how to use controls safely, and are aware of emergency procedures. Raeburn Training can arrange both classroom based or online training, based on your teams requirements. Get in touch for more information.
                  5. Monitoring & Health Surveillance- Regularly review exposure levels and carry out health checks where needed.
                  6. Maintenance & Records- Keep equipment in good working order, log risk assessments, training, and monitoring activites.
                  7. Emergency Preparedness- Have plans in place for spills, leaks, or accidents.

                  The Role of Training

                  Training is central to effective COSHH management. Workers need to:

                  Employers should tailor training to their specific workplace and update it regularly. Ongoing refresher courses help ensure safety standards remain high and that businesses stay compliant with HSE requirements.

                  Best Practices for Businesses

                  To build a strong safety culture and meet COSHH obligations:

                  Conclusion

                  Managing COSHH risks is a shared responsibility. By assessing hazards, implementing controls, and providing proper training, businesses can not only comply with the law but also protect their most valuable asset: their people.

                  A safe workplace boosts productivity, reduces absences, and builds trust between employers and employees.

                  Are you COSHH compliant? Now is the perfect time to review your workplace procedures and ensure your business meets all the required standards. If you are not sure where to start, our Health and Safety Consultants are here to help.

                  Good news for local businesses- the Business Gateway Expert Help scheme is continuing into this tax year, with the ongoing focus on helping businesses to grow. 

                  Through this scheme, eligible businesses can access specialist consultancy support, typically covering up to two days of funded expert advice. For many, this represents a valuable opportunity to strengthen important areas of their business without the added financial burden. 

                  How Expert Help Can Support Health & Safety

                  One of the most practical applications of the scheme is in supporting businesses with their Health & Safety arrangements. Expert consultancy can be provided in areas such as: 

                  These measures not only support compliance with legislation but also contribute to long-term business growth by fostering safer, more efficient, and more resilient workplaces.  

                  Important Notes on Eligibility 

                  The Expert Help programme is a Business Gateway scheme, and eligibility is assessed directly by them. A few key points to be aware of: 

                  You can find the full details of the scheme here: Business Gateway Fife- Specialist Business Advice 

                  Next Steps- How to Access Support 

                  Raeburn Training can assist businesses who are interested in accessing this support. In the first instance, we encourage organisations to contact our team directly for an informal discussion. We will then guide you through the next steps and ensure you are connected with the appropriate support through the Expert Help programme.  

                  This is a valuable opportunity to access expert knowledge, strengthen business foundations, and focus on sustainable growth in the year ahead. We encourage any organisation considering improvements to their Health & Safety arrangements to explore the support available through the Expert Help scheme. 

                  chevron-down