Leading Experts in Cyber Awareness Training and Cyber Crisis Simulations.

Training staff to recognise and defend against cyber threats and preparing your crisis management team to handle incidents with confidence.

Cyber Security Training and Exercising to Protect Your Company From Cyber Threats

Social Engineering Awareness Course

Online Social Engineering Training

Social engineering has proved to be one of the most prolific & effective means of attacking organisations of all sizes. Your staff need to be able to identify & defend against attempted attacks. This 2 hour online course equips your staff with the skills to identify & combat social engineering attacks including spear-phishing, vishing and physical impersonation attacks.

Cyber Crisis Exercise

An immersive and evolving cyber exercise to test your strategic and tactical response to an incident.

Prepare yourself for an attack and test how key staff make and communicate vital decisions in a developing situation.

Cyber Exercise

NCSC Certified Social Engineering Awareness Course

Social engineering has proved to be one of the most prolific & effective means of attacking organisations of all sizes. This certified cyber security training course trains your staff to identify & defend against attempted attacks.

Insider Threat Training

High impact, interactive cyber security training to raise awareness of insider threat risks to your organisation.

Employees are often cited as being the biggest security weakness in your organisation, we help you turn them into your greatest defence.

insider threat training

Cyber attacks can be a massive upheaval for businesses…

Cyber-crime is constantly on the rise, with virtually all UK businesses exposed to cybersecurity risks. Last year, 46% of UK businesses have suffered a cyber-attack of some sort, and without comprehensive IT security, many of these businesses have suffered as a result – either through decreased customer trust or the actual theft of money and personal information.

Businesses We’ve Helped

Red Goat were able to provide informative and engaging courses on social engineering that opened the eyes of many of our users to threats and malicious patterns of behaviour. The courses were well organised, well delivered and appealed to a wide array of colleagues of all ability levels.

Vertase FLI

Red Goat Cyber Security continue to be an essential business partner to help us deliver engaging, insightful and professional experiences for our people and executive teams to teach them how to defend against cyber-attacks. Lisa, in particular brings such an energy and experience on cyber crisis and insider threats that really engages with the audience.

Pinsent Masons LLP

Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff. Lisa manages to get everyone excited about Information Security with her authentic and engaging presentation style. We are proud to call Red Goat Cyber Security one of our key security training providers.


Hiscox Insurance
Futures Housing Group

“Red Goat were really helpful in tailoring a course to our needs. The trainer was really engaging.”

Futures Housing group
Bristol Airport

“Red Goat were very helpful and provided an excellent training course that was really engaging and helpful to a wide range of our staff”.


“I was hugely impressed by the Social Engineering Awareness Course run by Red Goat Cyber Security. It is one of the first courses I’ve encountered where those who attended it have continued to talk about it long afterwards; a sure sign that the key messages imparted by the trainer have stuck. “

John Stanley MBCI, Risk & Resilience Manager
Salisbury National Health Service Trust

“I was delighted with how Red Goat Cyber Security delivered the cyber security table top exercise.  We have learnt valuable lessons to further improve our plans, processes and check lists and would highly recommend them to other organisations”

Bath hospital

“Excellent course and great scenarios. We would recommend this course to anyone, really informative and relaxed. Rarely is there a course that is both informative and enjoyable. Really good.”

Our Blog

The vitally important role of loggists in a cyber incident

Who? Why? When your crisis management team (CMT) meet they are usually gathered to handle a crisis. They have to operate in high pressure situations and all human beings can find the task of processing a lot of information, in a short amount of time and under a lot of...

AWS/Capital One hacker jailed for massive data theft and illicit crypto mining

“She wanted data, she wanted money and she wanted to brag” This was what Assistant United States Attorney Andrew Friedman said of Paige Thompson in his closing arguments following the week long trial. The jury voted to convict former Amazon software engineer, Paige...
The importance of testing your incident response

Maersk Incident Response

Updated May 2022 Fire drills are commonplace. We test the alarms, the evacuation procedures and the fire marshals get to practice their roles. In a cyber attack there can be just as much chaos as with a fire, perhaps even more so. This is why incident response is such...

Are all Insider Threats bad apples?

The "bad apples" argument for insider threats is simply too reductionist. Here is why:  When an intentional insider threat manifests it is a product of a hugely complex and escalating set of circumstances. The argument that they are "just bad people who go around...

3 easy traps your CMT could fall into and how to prevent them

Your Crisis Management Team, CMT, helps prepare your organisation for an incident and manages the strategic response to any incidents or crisis that occurs. In my experience of running cyber crisis simulations with these teams I see the same issues present themselves...

Your New Ransomware Business Partner  

2020 and 2021 have seen some pretty epic ransoms being paid by companies that at one point in time you would have assumed would never pay. Ransomware groups have undertaken a rebranding of sorts. They have their business model pretty well tuned and their...

Rebuilding after a cyber attack

We talk a lot about handling the initial car crash of a breach. What to do first, the comms that need to go out and the reporting to regulators. This all happens within the first few hours or days of a breach being discovered. What about after that? Last week I ran...
voice cloning 35m USD

Would You Fall For A $35m Voice Cloning Attack?

A high tech vishing attack utilising voice cloning has lost a UAE bank 35 Million USD. What happened? According to the court documents: the Victim Company’s branch manager received a phone call that claimed to be from the company headquarters. The caller sounded like...
Lisa Forte Defcon talk on Social Engineering and insider threat

Defcon Talk: Using SE to create insider threats and win all the things

Lisa Forte's Defcon 2021 talk on social engineering and insider threat. Transcript to follow.

The Gold-Silver-Bronze Command Structure

The Gold-Silver-Bronze or ‘GSB’ command structure was rooted in and developed heavily by the UK emergency services. It was designed to establish a clear hierarchical framework and operational clarity for the command of major incidents or disasters. It is now used by...

Take control of your cyber security and contact us now...


By submitting your message and your phone number and/or email address, you are permitting us to contact you by these means in response to your enquiry or feedback. You also acknowledge that you have read our privacy terms and that you consent to our processing data in accordance with them.Read our privacy policy here