Training, exercising and consultancy to help defend your organisation against cyber threats
Get in touchCyber Security Training and Exercising to Protect Your Company From Cyber Threats
Join the thousands of students that have enjoyed our cyber security training
Cyber Security Training
Improve your human defences to cyber threats. Increase understanding and participation in cyber hygiene best practice through training that engages and informs.
We provide bespoke, virtual and online atraining courses across a range of cyber security topics including insider threats, social engineering, cyber hygiene and the importance of reporting mistakes.
Cyber Exercises
A realistic, scenario based cyber crisis exercise is the number one way to improve your response to a cyber incident. Organisations that prepare and practice for cyber incidents recover faster and significantly reduce the costs of an incident.
Our exercises build the confidence and competence of your crisis management team, put your plans and frameworks to the test and help your organisation improve its resilience.
Improve your response to a potential cyber attack
Building your cyber crisis resilience is a crucial part of defending your organisation
Crisis Management Services
Clearly written plans and frameworks are a key part of the incident planning process. They need to be useable and the people responsible for orchestrating the response must be well trained in using them. We provide a suite of crisis management services to help you build lasting resilience as an organisation.
Insider Threat Program Development and Training
Intentional insider threats are a growing problem. While mistakes are responsible for the majority of incidents, intentional insider threats resulting in theft of IP, fraud or sabotage are far more costly and can seriously impact an organisation’s profitability and reputation. We provide a range of services and training that helps you build an effective, supportive and employee led insider threat program. In line with NIST guidelines, we have developed a simple 10 step process to benchmark and develop your insider threat program.
Defend your organisation against intentional insider threats
Businesses We’ve Helped.

“Red Goat were able to provide informative and engaging courses on social engineering that opened the eyes of many of our users to threats and malicious patterns of behaviour. The courses were well organised, well delivered and appealed to a wide array of colleagues of all ability levels.”
Vertase FLI

“Red Goat Cyber Security continue to be an essential business partner to help us deliver engaging, insightful and professional experiences for our people and executive teams to teach them how to defend against cyber-attacks. Lisa, in particular brings such an energy and experience on cyber crisis and insider threats that really engages with the audience.”
Pinsent Masons LLP

“Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff. Lisa manages to get everyone excited about Information Security with her authentic and engaging presentation style. We are proud to call Red Goat Cyber Security one of our key security training providers.”
Hiscox Insurance

“Red Goat were really helpful in tailoring a course to our needs. The trainer was really engaging.”
Futures Housing Group

“Red Goat were very helpful and provided an excellent training course that was really engaging and helpful to a wide range of our staff”.
Bristol Airport

“I was hugely impressed by the Social Engineering Awareness Course run by Red Goat Cyber Security. It is one of the first courses I’ve encountered where those who attended it have continued to talk about it long afterwards; a sure sign that the key messages imparted by the trainer have stuck. “
John Stanley MBCI, Risk & Resilience Manager – UCAS

“I was delighted with how Red Goat Cyber Security delivered the cyber security table top exercise. We have learnt valuable lessons to further improve our plans, processes and check lists and would highly recommend them to other organisations”
Salisbury National Health Service Trust

“Excellent course and great scenarios. We would recommend this course to anyone, really informative and relaxed. Rarely is there a course that is both informative and enjoyable. Really good.”
Royal United Hospitals Bath
Get in touch to discuss how we can help you achieve your security awareness or resilience goals.
By submitting your message and your phone number and/or email address, you are permitting us to contact you by these means in response to your enquiry or feedback. You also acknowledge that you have read our privacy terms and that you consent to our processing data in accordance with them.
Read our privacy policy here.
Cyber Security Articles
Key risk indicators in cyber security
Understanding key risk indicators (KRIs) in cybersecurity In the constantly evolving landscape of cybersecurity, key risk indicators (KRIs) play a crucial role in measuring and […]
How to write an effective ransomware playbook
Ransomware playbooks contain detailed instructions on what to do in the event of a ransomware attack. Read our guide to getting started with developing a ransomware playbook for your organisation.
How to get exec approval for a cyber exercise
Testing your response to a cyber-attack will save you resources in the event of a real incident, but for many organisations taking the first step in exercising can seem like a big commitment in time and energy. Here are some top tips on getting exec approval for a cyber exercise.
Get started with crisis communication planning
Cyber-attacks are no longer outlier events. In fact, the old saying of “it’s not if – but when” has sadly proven true for many organisations. For this reason many organisations are now heavily focused on planning and preparing for a cyber-attack and increasing their levels of resilience, response and redundancy to enable them to survive.
7 Examples of Cyber Tabletop Exercises
Would you know how to respond if your organisation was hit by a cyber attack? Running a cyber tabletop exercise allows you to prepare and test responses in a safe environment. But what type of cyber incident should you use in your exercise? Here are seven examples of cyber tabletop exercises that you could consider running for your crisis team.
A big change for future cyber-attack victims in France?
A big change is coming in France. From April 24th this year cyber attack victims will now have 72 hours…
Monero and the rise of privacy coins in ransom demands
Bitcoin has been synonymous with ransomware for as long as cybercriminals have been encrypting hard drives. Now ransoms are increasingly being demanded in alternative cryptocurrencies […]
Preparing for a ransomware attack: Payment
Another year passes and we are still not seeing the significant dip in ransomware and double extortion…
The Complete Guide to Running a Cybersecurity Tabletop Exercise
What is a cybersecurity tabletop exercise? A tabletop exercise is an engaging and realistic simulation of a cyber crisis situation. It tests human and managerial […]
Ransomware – not just flying south for the winter.
In 2022 major ransomware groups have been looking for new profitable markets, and their gaze has fallen…
Can cryptocurrency platforms claim paying attackers is a “White Hat Bounty”?
Today I want to talk about bug bounties. You are probably sitting there thinking you have heard every…
Lisa Forte – Darknet Diaries
One of our Partners, Lisa Forte, was asked to be a guest on what is perhaps the most popular and influential…
Lloyd’s of London exclude nation-backed cyber attacks from insurance
Lloyds of London has announced that from 2023 all of its insurer groups will have to exclude “catastrophic”…
OFAC Sanctions Tornado Cash: what this means for ransomware payments
In early August the U.S Treasury’s Office of Foreign Assets Control (OFAC) sanctioned another popular…
Lisa Forte talks about table-top exercises on Mimecast’s Phishy Business
Listen to the episode here: Listen on Spotify Episode Description: In this episode of Phishy Business, we take a look at cyber crisis exercises and […]
The vitally important role of loggists in a cyber incident
Who? Why? When your crisis management team (CMT) meet they are usually gathered to handle a crisis. They have to operate in high pressure situations […]
AWS/Capital One hacker jailed for massive data theft and illicit crypto mining
“She wanted data, she wanted money and she wanted to brag” This was what Assistant United States Attorney Andrew Friedman said of Paige Thompson in […]
Supply chain security: Renaissance or retrogression?
Overall we have a low level of visibility and understanding of our supply chains. Horizon scanning for threats and vulnerabilities needs to extend into this […]
Maersk incident response
Updated April 2023 Fire drills are commonplace. We test the alarms, the evacuation procedures and the fire marshals get to practice their roles. In a […]
Are all insider threats bad apples?
The “bad apples” argument for insider threats is simply too reductionist. Here is why: When an intentional insider threat manifests it is a product of […]
3 easy traps your Crisis Management Team could fall into and how to prevent them
Your Crisis Management Team, CMT, helps prepare your organisation for an incident and manages the strategic response to any incidents or crisis that occurs. In […]
A new ransomware business model?
2020 and 2021 have seen some pretty epic ransoms being paid by companies that at one point in time you would have assumed would never […]
Rebuilding after a cyber attack
We talk a lot about handling the initial car crash of a breach. What to do first, the comms that need to go out and […]
Would you fall for a $35m voice cloning attack?
A high tech vishing attack utilising voice cloning has lost a UAE bank 35 Million USD. What happened? According to the court documents: the Victim […]
Defcon Talk: Using SE to create insider threats and win all the things
Lisa Forte’s Defcon 2021 talk on social engineering and insider threat. Transcript to follow.
The Gold-Silver-Bronze Command Structure
The Gold-Silver-Bronze or ‘GSB’ command structure was rooted in and developed heavily by the UK emergency services. It was designed to establish a clear hierarchical […]
Insider Theft of $119M worth of Coca Cola IP
What happened? An engineer who worked for Coca Cola and other manufacturers is alleged to have stolen valuable trade secrets in order to set up […]
Tesla Insider Threat Case (Khatilov)
Tesla Insider Threat Case Study According to the official Filing, Tesla is suing a former employee and software engineer named Alex Khatilov alleging trade secret […]
Wargaming, Cyber Attacks and Astronaut thinking
CEO Digital Show This week Lisa was on the CEO Digital show discussing Wargaming, Cyberattacks, Protecting Against Romance Fraud, & ‘Astronaut Thinking’ in Leadership. Key points […]
The 5 Best Ways to Spot TV Licence Phishing Emails
TV Licence Phishing Emails In the UK a licence is required to watch live TV in the home. With lockdown continuing and people’s reliance on […]
What is Vishing?
What is vishing? How to How to defend your organisation against telephone-based vishing scams
Behaviour Change in your Organisation (short video)
Getting your staff to change their security behaviour It is often submitted that fear is bad. Actually, from a behavioural science perspective we know fear […]
Hacked! Right Match Singles Suffers a Data Breach..
Cyber Security Awareness Month Special: “Hacked” What would you do if your company was hit by a cyber attack? Do you have a plan? A […]
Get staff engaged for Cybersecurity Awareness Month
October is ECSM, a month-long European event promoting good cyber security practices and safety. This years themes are: 1. Cyber First Aid:What to do in […]
CV19 and Kaspersky Next
At the Kaspersky NEXT event, Cyber Volunteers 19 (CV19) Co-founder and partner at Red Goat Cyber Security, Lisa Forte discussed with Kaspersky’s
pre-election tricks goes deeper than social media.
How pre-election manipulation goes deeper than social media. A critical moment is almost upon us. It will be a test of the protections we’ve tried […]
Insider Threat $800K Rogue Admin
Rogue Admin: Disgruntled former IT admin Charles E. Taylor quit his job at an unnamed Atlanta based distribution company before going on a sabotage spree costing the company $800,000 USD to redress.
Lisa Forte on Smashing Security Podcast
178: Office pranks, meat dresses, and robocop dogs May 14th, 2020 | 50 mins 42 secs coronavirus, data breach, email storm, hacking, k2, lady gaga, microsoft, […]
Permissions Creep
Permissions Creep, also known as privilege creep, is what happens when an employee moves between roles in an organisation and keeps the access or permissions of the previous role.
Should Your Company Ban Zoom?
As several businesses ditch the popular conferencing tool, Lisa Forte, partner at Red Goat Cyber Security, calls for calm Zoom, the free to use video conferencing […]
Cyber Volunteers 19
Do you work in cyber security? Why not sign up to volunteer to help protect healthcare providers during the Covid-19 pandemic.
Lisa Forte on Random But Memorable Podcast
Comically Bad Ultrasonic Berry with Lisa Forte Description Do we need more positivity in cybersecurity? And are bananas a type of berry? 🍌Join us, as […]
Why Run a Cyber Exercise?
Your company could have the most detailed response plans in the world but if they have not been tested they may well be useless when they are most needed. A cyber security incident is not a good time for seeing if your plans actually work.
Insider Threat Fraud: £4.6m in self-signed invoices
Of the three categories of insider threat; theft, fraud and sabotage, insider threat fraud is often the most complex, inventive and difficult to detect. This […]
LISA FORTE INTERVIEW WITH DIGIT MAGAZINE
LISA FORTE INTERVIEW WITH DIGIT MAGAZINE Lisa Forte, partner and cyber threat specialist at Red Goat Cyber, shares her insights about the ‘insider threat’ and […]
Amazon Ring Insider Threat
Ring, the Amazon owned home-security company, has admitted firing four employees who accessed users’ videos. The employees had access to the video feeds but exceeded their authorised access by viewing them. This has undoubtedly caused embarrassment for Ring.
The Facebook Insider
Friday the 13th is a day that has been long associated with bad omens. This became a reality for almost 30,000 Facebook staff though on […]
Trend Micro Insider Breach
The Tokyo based cyber security company Trend Micro has revealed it has been the victim of a sophisticated insider threat attack. Customer records were accessed […]
Insider threat: former SEC investigator charged
The SEC investigator was charged with several crimes including unauthorized computer access and disclosure of confidential information. The defendant, Mr. Cohn, was the MD and […]
How voice assistants can be used to phish passwords
We have seen a wealth of articles on the security and privacy issues around voice assistants. This week I came across and new and far […]
Red Goat Insider Threat Report
Insider Threat Report 2019 finally released! Red Goat Cyber Security are proud to announce the results of their research into insider threat reporting. The research […]
3 Steps To Make Cyber Security Awareness Month A Success
October is Cyber Security Awareness Month! A lot of our clients are busy preparing events and internal campaigns to increase awareness of cyber related issues […]
Red Goat finalists for Computer Security Awards 2019
Red Goat Cyber Security has been recognised as a finalist in the 2019 Computing Security Awards. Partner and Co-founder, Lisa Forte, has been selected as […]
Teiss Podcast on Insider Threat
“I really enjoyed making this podcast with Anna Delaney. She always asks hard interesting questions and it was great fun to discuss some of the […]
Tales from the road: OSINT in the Washroom
I recently went for a meeting at a company’s office. This company had a few floors in a shared office building. Due to a large […]
Online Radicalisation and Social Engineering
Online radicalisation and social engineering There has been a lot of media coverage here in the UK about a young woman who previously left the […]
Paris riots, Social Proof and Corporate Security
I was recently hired to speak at an event in Paris. I love the city however this particular visit was during an unfortunate time. Paris […]
The Hustlers of Naples
Social engineering is a fascinating and diverse attack vector because it exploits human nature and people are generally predictable in their responses. We focus on […]
Simone – A Social Media Investigation
Speaking around the world about social engineering one question comes up almost every time. Why is social engineering so successful? A key success factor in […]
Interview with DIGIT
Social engineering and social media risks Here’s a link to an interview with DIGIT who organise the excellent Scot-Secure event in Edinburgh (among many other […]
Reconnaissance for Social Engineering: Tales from the Road
Social engineering reconaissance When it comes to reconnaissance and open source intelligence, research often seems like a digital battle. Using endless pieces of software, sites […]
Webinar: Think like a hacker
We recently did a webinar with APMG on why you need to think like a hacker. They have uploaded it here: https://apmg-international.com/events/why-you-need-start-thinking-hacker
Can I borrow your swipecard?
This case involves an accountancy firm based in South East England. The firm had just lost a big client and as a result had to make some cuts which included letting a few members of staff go.
Stay calm and (don’t) pay the hackers
This social engineering case study highlights how attackers can use curiosity, urgency and fear to manipulate victims into breaking company protocols and get a finance employee to willingly transfer £152,000 into the attackers bank account.
The enthusiastic law student
This case involves a law firm based in the south of England. The firm was of a reasonable size and, like most law firms, held a lot of very sensitive customer data.
Criminal Justice Evolution podcast
Patrick Fitzgibbons was kind enough to invite me on to his US based Criminal Justice Evolution podcast. We talked about the social engineering threats facing […]
The not-so-secret life of boarding passes
Have you ever thought about what your boarding pass might say about you? I don’t mean “oh look at me, I’m flying in Emirates Business Class”, but what data you might be leaking publicly on that anachronistic piece of paper you discard in the seat in front of you. Turns out it is an awful lot more than you think…
The Prisoners Dilemma and Intelligence sharing
Cybercrime is increasing year on year. The 2017 cyber breaches survey shows that almost half of UK firms have been hit by cyber breach or […]
Equifax Leak
In the latest in a truly blockbuster year for data leaks, American credit reporting company Equifax has announced the loss of highly sensitive data belonging […]
Leak of the week: 711m email addresses
A French malware researcher has found an online database of 711 million email addresses, in some cases with the associated passwords for that account. The list […]
South Korea 2 : Trust, Cyber-Security and Wannacry
In my first article on South Korea I looked at some unique solutions to protecting citizens and businesses from the cyber threat. In this second article on […]
South Korea 1: On The Alert
In the first of two blog articles on cyber security and tech in South Korea, I am looking at the pervasive use of technology in […]