Training, exercising and consultancy to help defend your organisation against cyber threats

Get in touch

Cyber Security Training and Exercising to Protect Your Company From Cyber Threats

Join the thousands of students that have enjoyed our cyber security training

Cyber Security Training

Improve your human defences to cyber threats. Increase understanding and participation in cyber hygiene best practice through training that engages and informs.

We provide bespoke, virtual and online atraining courses across a range of cyber security topics including insider threats, social engineering, cyber hygiene and the importance of reporting mistakes.

Cyber Exercises

A realistic, scenario based cyber crisis exercise is the number one way to improve your response to a cyber incident. Organisations that prepare and practice for cyber incidents recover faster and significantly reduce the costs of an incident.
Our exercises build the confidence and competence of your crisis management team, put your plans and frameworks to the test and help your organisation improve its resilience.

Improve your response to a potential cyber attack

Building your cyber crisis resilience is a crucial part of defending your organisation

Crisis Management Services

Clearly written plans and frameworks are a key part of the incident planning process. They need to be useable and the people responsible for orchestrating the response must be well trained in using them. We provide a suite of crisis management services to help you build lasting resilience as an organisation.

Insider Threat Program Development and Training

Intentional insider threats are a growing problem. While mistakes are responsible for the majority of incidents, intentional insider threats resulting in theft of IP, fraud or sabotage are far more costly and can seriously impact an organisation’s profitability and reputation. We provide a range of services and training that helps you build an effective, supportive and employee led insider threat program. In line with NIST guidelines, we have developed a simple 10 step process to benchmark and develop your insider threat program.

Defend your organisation against intentional insider threats

Businesses We’ve Helped.

“Red Goat was recommended by an industry contact and from the first conversation and throughout the engagement, we were very impressed. Our executives were fully engaged through the exercise and we gained tremendous value in exploring potential issues and challenges which has driven improvements to our security posture and resiliency”

“Red Goat were able to provide informative and engaging courses on social engineering that opened the eyes of many of our users to threats and malicious patterns of behaviour. The courses were well organised, well delivered and appealed to a wide array of colleagues of all ability levels.”

“Red Goat Cyber Security continue to be an essential business partner to help us deliver engaging, insightful and professional experiences for our people and executive teams to teach them how to defend against cyber-attacks. Lisa, in particular brings such an energy and experience on cyber crisis and insider threats that really engages with the audience.”

“Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff. Lisa manages to get everyone excited about Information Security with her authentic and engaging presentation style. We are proud to call Red Goat Cyber Security one of our key security training providers.”

“Red Goat were really helpful in tailoring a course to our needs. The trainer was really engaging.”

“Red Goat were very helpful and provided an excellent training course that was really engaging and helpful to a wide range of our staff”.

“I was hugely impressed by the Social Engineering Awareness Course run by Red Goat Cyber Security. It is one of the first courses I’ve encountered where those who attended it have continued to talk about it long afterwards; a sure sign that the key messages imparted by the trainer have stuck. “

“I was delighted with how Red Goat Cyber Security delivered the cyber security table top exercise.  We have learnt valuable lessons to further improve our plans, processes and check lists and would highly recommend them to other organisations”


“Excellent course and great scenarios. We would recommend this course to anyone, really informative and relaxed. Rarely is there a course that is both informative and enjoyable. Really good.”

Get in touch to discuss how we can help you achieve your security awareness or resilience goals.

By submitting your message and your phone number and/or email address, you are permitting us to contact you by these means in response to your enquiry or feedback. You also acknowledge that you have read our privacy terms and that you consent to our processing data in accordance with them.
Read our privacy policy here.

    Cyber Security Articles

    Navigating a Third-Party Data Breach: Santander’s Effective Communication Strategy

    Last week the Spanish bank, Santander, reported that they had suffered a data breach via a third party….

    Read more

    DFSA’s Cyber Risk Management Guidelines: A Blueprint for Cyber Resilience?

    During 2023 the United Arab Emirates was busy. Very busy in fact. They implemented a significant number of legislative reforms in the areas of cyber […]

    Read more

    A 7 step crisis communication plan checklist

    The purpose of this crisis communication plan checklist is to allow you a quick and easy way to evaluate your existing cyber crisis communication plan […]

    Read more

    Key risk indicators in cyber security

    Understanding key risk indicators (KRIs) in cybersecurity In the constantly evolving landscape of cybersecurity, key risk indicators (KRIs) play a crucial role in measuring and […]

    Read more

    How to write an effective ransomware playbook

    Ransomware playbooks contain detailed instructions on what to do in the event of a ransomware attack. Read our guide to getting started with developing a ransomware playbook for your organisation.

    Read more

    How to get exec approval for a cyber exercise

    Testing your response to a cyber-attack will save you resources in the event of a real incident, but for many organisations taking the first step in exercising can seem like a big commitment in time and energy. Here are some top tips on getting exec approval for a cyber exercise.

    Read more

    Get started with crisis communication planning

    Cyber-attacks are no longer outlier events. In fact, the old saying of “it’s not if – but when” has sadly proven true for many organisations. For this reason many organisations are now heavily focused on planning and preparing for a cyber-attack and increasing their levels of resilience, response and redundancy to enable them to survive.

    Read more

    7 Examples of Cyber Tabletop Exercises

    Would you know how to respond if your organisation was hit by a cyber attack? Running a cyber tabletop exercise allows you to prepare and test responses in a safe environment. But what type of cyber incident should you use in your exercise? Here are seven examples of cyber tabletop exercises that you could consider running for your crisis team.

    Read more

    A big change for future cyber-attack victims in France?

    A big change is coming in France. From April 24th this year cyber attack victims will now have 72 hours…

    Read more

    Monero and the rise of privacy coins in ransom demands

    Bitcoin has been synonymous with ransomware for as long as cybercriminals have been encrypting hard drives. Now ransoms are increasingly being demanded in alternative cryptocurrencies […]

    Read more

    Preparing for a ransomware attack: Payment

    Another year passes and we are still not seeing the significant dip in ransomware and double extortion…

    Read more

    The Complete Guide to Running a Cybersecurity Tabletop Exercise

    What is a cybersecurity tabletop exercise? A tabletop exercise is an engaging and realistic simulation of a cyber crisis situation. It tests human and managerial […]

    Read more

    Ransomware – not just flying south for the winter.

    In 2022 major ransomware groups have been looking for new profitable markets, and their gaze has fallen…

    Read more

    Can cryptocurrency platforms claim paying attackers is a “White Hat Bounty”?

    Today I want to talk about bug bounties. You are probably sitting there thinking you have heard every…

    Read more

    Lisa Forte – Darknet Diaries

    One of our Partners, Lisa Forte, was asked to be a guest on what is perhaps the most popular and influential…

    Read more

    Lloyd’s of London exclude nation-backed cyber attacks from insurance

    Lloyds of London has announced that from 2023 all of its insurer groups will have to exclude “catastrophic”…

    Read more

    OFAC Sanctions Tornado Cash: what this means for ransomware payments

    In early August the U.S Treasury’s Office of Foreign Assets Control (OFAC) sanctioned another popular…

    Read more

    Lisa Forte talks about table-top exercises on Mimecast’s Phishy Business

    Listen to the episode here: Listen on Spotify Episode Description: In this episode of Phishy Business, we take a look at cyber crisis exercises and […]

    Read more

    The vitally important role of loggists in a cyber incident

    Who? Why? When your crisis management team (CMT) meet they are usually gathered to handle a crisis. They have to operate in high pressure situations […]

    Read more

    AWS/Capital One hacker jailed for massive data theft and illicit crypto mining

    “She wanted data, she wanted money and she wanted to brag” This was what Assistant United States Attorney Andrew Friedman said of Paige Thompson in […]

    Read more

    Supply chain security: Renaissance or retrogression?

    Overall we have a low level of visibility and understanding of our supply chains. Horizon scanning for threats and vulnerabilities needs to extend into this […]

    Read more

    Maersk incident response

    Updated April 2023 Fire drills are commonplace. We test the alarms, the evacuation procedures and the fire marshals get to practice their roles. In a […]

    Read more

    Are all insider threats bad apples?

    The “bad apples” argument for insider threats is simply too reductionist. Here is why: When an intentional insider threat manifests it is a product of […]

    Read more

    3 easy traps your Crisis Management Team could fall into and how to prevent them

    Your Crisis Management Team, CMT, helps prepare your organisation for an incident and manages the strategic response to any incidents or crisis that occurs. In […]

    Read more

    A new ransomware business model?

    2020 and 2021 have seen some pretty epic ransoms being paid by companies that at one point in time you would have assumed would never […]

    Read more

    Rebuilding after a cyber attack

    We talk a lot about handling the initial car crash of a breach. What to do first, the comms that need to go out and […]

    Read more

    Would you fall for a $35m voice cloning attack?

    A high tech vishing attack utilising voice cloning has lost a UAE bank 35 Million USD. What happened? According to the court documents: the Victim […]

    Read more

    Defcon Talk: Using SE to create insider threats and win all the things

      Lisa Forte’s Defcon 2021 talk on social engineering and insider threat. Transcript to follow.

    Read more

    The Gold-Silver-Bronze Command Structure

    The Gold-Silver-Bronze or ‘GSB’ command structure was rooted in and developed heavily by the UK emergency services. It was designed to establish a clear hierarchical […]

    Read more

    Insider Theft of $119M worth of Coca Cola IP

    What happened? An engineer who worked for Coca Cola and other manufacturers is alleged to have stolen valuable trade secrets in order to set up […]

    Read more

    Tesla Insider Threat Case (Khatilov)

    Tesla Insider Threat Case Study According to the official Filing, Tesla is suing a former employee and software engineer named Alex Khatilov alleging trade secret […]

    Read more

    Wargaming, Cyber Attacks and Astronaut thinking

    CEO Digital Show This week Lisa was on the CEO Digital show discussing Wargaming, Cyberattacks, Protecting Against Romance Fraud, & ‘Astronaut Thinking’ in Leadership. Key points […]

    Read more

    The 5 Best Ways to Spot TV Licence Phishing Emails

    TV Licence Phishing Emails In the UK a licence is required to watch live TV in the home. With lockdown continuing and people’s reliance on […]

    Read more

    What is Vishing?

    What is vishing? How to How to defend your organisation against telephone-based vishing scams

    Read more

    Behaviour Change in your Organisation (short video)

    Getting your staff to change their security behaviour It is often submitted that fear is bad. Actually, from a behavioural science perspective we know fear […]

    Read more

    Hacked! Right Match Singles Suffers a Data Breach..

    Cyber Security Awareness Month Special: “Hacked” What would you do if your company was hit by a cyber attack? Do you have a plan? A […]

    Read more

    Get staff engaged for Cybersecurity Awareness Month

    October is ECSM, a month-long European event promoting good cyber security practices and safety. This years themes are: 1. Cyber First Aid:What to do in […]

    Read more

    CV19 and Kaspersky Next

    At the Kaspersky NEXT event, Cyber Volunteers 19 (CV19) Co-founder and partner at Red Goat Cyber Security, Lisa Forte discussed with Kaspersky’s

    Read more

    pre-election tricks goes deeper than social media.

    How pre-election manipulation goes deeper than social media. A critical moment is almost upon us. It will be a test of the protections we’ve tried […]

    Read more

    Insider Threat $800K Rogue Admin

    Rogue Admin: Disgruntled former IT admin Charles E. Taylor quit his job at an unnamed Atlanta based distribution company before going on a sabotage spree costing the company $800,000 USD to redress.

    Read more

    Lisa Forte on Smashing Security Podcast

    178: Office pranks, meat dresses, and robocop dogs  May 14th, 2020  |   50 mins 42 secs  coronavirus, data breach, email storm, hacking, k2, lady gaga, microsoft, […]

    Read more

    Permissions Creep

    Permissions Creep, also known as privilege creep, is what happens when an employee moves between roles in an organisation and keeps the access or permissions of the previous role.

    Read more

    Should Your Company Ban Zoom?

    As several businesses ditch the popular conferencing tool, Lisa Forte, partner at Red Goat Cyber Security, calls for calm  Zoom, the free to use video conferencing […]

    Read more

    Cyber Volunteers 19

    Do you work in cyber security? Why not sign up to volunteer to help protect healthcare providers during the Covid-19 pandemic.

    Read more

    Lisa Forte on Random But Memorable Podcast

    Comically Bad Ultrasonic Berry with Lisa Forte Description Do we need more positivity in cybersecurity? And are bananas a type of berry? 🍌Join us, as […]

    Read more

    Why Run a Cyber Exercise?

    Your company could have the most detailed response plans in the world but if they have not been tested they may well be useless when they are most needed. A cyber security incident is not a good time for seeing if your plans actually work.

    Read more

    Insider Threat Fraud: £4.6m in self-signed invoices

    Of the three categories of insider threat; theft, fraud and sabotage, insider threat fraud is often the most complex,  inventive and difficult to detect. This […]

    Read more


    LISA FORTE INTERVIEW WITH DIGIT MAGAZINE Lisa Forte, partner and cyber threat specialist at Red Goat Cyber, shares her insights about the ‘insider threat’ and […]

    Read more

    Amazon Ring Insider Threat

    Ring, the Amazon owned home-security company, has admitted firing four employees who accessed users’ videos. The employees had access to the video feeds but exceeded their authorised access by viewing them. This has undoubtedly caused embarrassment for Ring.

    Read more

    The Facebook Insider

    Friday the 13th  is a day that has been long associated with bad omens. This became a reality for almost 30,000 Facebook staff though on […]

    Read more

    Trend Micro Insider Breach

    The Tokyo based cyber security company Trend Micro has revealed it has been the victim of a sophisticated insider threat attack. Customer records were accessed […]

    Read more

    Insider threat: former SEC investigator charged

    The SEC investigator was charged with several crimes including unauthorized computer access and disclosure of confidential information. The defendant, Mr. Cohn, was the MD and […]

    Read more

    How voice assistants can be used to phish passwords

    We have seen a wealth of articles on the security and privacy issues around voice assistants. This week I came across and new and far […]

    Read more

    Red Goat Insider Threat Report

    Insider Threat Report 2019 finally released! Red Goat Cyber Security are proud to announce the results of their research into insider threat reporting. The research […]

    Read more

    3 Steps To Make Cyber Security Awareness Month A Success

    October is Cyber Security Awareness Month! A lot of our clients are busy preparing events and internal campaigns to increase awareness of cyber related issues […]

    Read more

    Red Goat finalists for Computer Security Awards 2019

    Red Goat Cyber Security has been recognised as a finalist in the 2019 Computing Security Awards. Partner and Co-founder, Lisa Forte, has been selected as […]

    Read more

    Teiss Podcast on Insider Threat

    “I really enjoyed making this podcast with Anna Delaney. She always asks hard interesting questions and it was great fun to discuss some of the […]

    Read more

    Tales from the road: OSINT in the Washroom

    I recently went for a meeting at a company’s office. This company had a few floors in a shared office building. Due to a large […]

    Read more

    Online Radicalisation and Social Engineering

    Online radicalisation and social engineering There has been a lot of media coverage here in the UK about a young woman who previously left the […]

    Read more

    Paris riots, Social Proof and Corporate Security

    I was recently hired to speak at an event in Paris. I love the city however this particular visit was during an unfortunate time. Paris […]

    Read more

    The Hustlers of Naples

    Social engineering is a fascinating and diverse attack vector because it exploits human nature and people are generally predictable in their responses. We focus on […]

    Read more

    Simone – A Social Media Investigation

    Speaking around the world about social engineering one question comes up almost every time. Why is social engineering so successful? A key success factor in […]

    Read more

    Interview with DIGIT

    Social engineering and social media risks Here’s a link to an interview with DIGIT who organise the excellent Scot-Secure event in Edinburgh (among many other […]

    Read more

    Reconnaissance for Social Engineering: Tales from the Road

    Social engineering reconaissance When it comes to reconnaissance and open source intelligence, research often seems like a digital battle. Using endless pieces of software, sites […]

    Read more

    Webinar: Think like a hacker

    We recently did a webinar with APMG on why you need to think like a hacker. They have uploaded it here:

    Read more

    Can I borrow your swipecard?

    This case involves an accountancy firm based in South East England. The firm had just lost a big client and as a result had to make some cuts which included letting a few members of staff go.

    Read more

    Stay calm and (don’t) pay the hackers

    This social engineering case study highlights how attackers can use curiosity, urgency and fear to manipulate victims into breaking company protocols and get a finance employee to willingly transfer £152,000 into the attackers bank account.

    Read more

    The enthusiastic law student

    This case involves a law firm based in the south of England. The firm was of a reasonable size and, like most law firms, held a lot of very sensitive customer data.

    Read more

    Criminal Justice Evolution podcast

    Patrick Fitzgibbons was kind enough to invite me on to his US based Criminal Justice Evolution podcast.  We talked about the social engineering threats facing […]

    Read more

    The not-so-secret life of boarding passes

    Have you ever thought about what your boarding pass might say about you? I don’t mean “oh look at me, I’m flying in Emirates Business Class”, but what data you might be leaking publicly on that anachronistic piece of paper you discard in the seat in front of you. Turns out it is an awful lot more than you think…

    Read more

    The Prisoners Dilemma and Intelligence sharing

    Cybercrime is increasing year on year. The 2017 cyber breaches survey shows that almost half of UK firms have been hit by cyber breach or […]

    Read more

    Equifax Leak

    In the latest in a truly blockbuster year for data leaks, American credit reporting company Equifax has announced the loss of highly sensitive data belonging […]

    Read more

    Leak of the week: 711m email addresses

    A French malware researcher has found an online database of 711 million email addresses, in some cases with the associated passwords for that account. The list […]

    Read more

    South Korea 2 : Trust, Cyber-Security and Wannacry

    In my first article on South Korea I looked at some unique solutions to protecting citizens and businesses from the cyber threat. In this second article on […]

    Read more

    South Korea 1: On The Alert

    In the first of two blog articles on cyber security and tech in South Korea, I am looking at the pervasive use of technology in […]

    Read more