NCSC Certified Social Engineering Awareness Course

The APMG swirl device logo is a trademark of The APM Group Ltd. Use of this trademark on this with website has been authorised solely for marketing purposes. All rights reserved.

Social Engineering Training

Social engineering has proved to be one of the most prolific & effective means of attacking organisations of all sizes. It is an attack vector that is growing rapidly. Your staff need to be able to identify & defend against attempted attacks. Your I.T team should focus on the more technical elements of security & the rest of your staff should focus on social engineering threats.
“Social Engineering: Manipulating people into carrying out specific actions or divulging information that is of use to an attacker”- NCSC
This face-to-face NCSC certified course equips your staff with the skills to identify & combat social engineering attacks such as not clicking malicious links or opening phishing emails. We follow nationally set standards and best practice to ensure you get the best awareness training possible for your staff.

Social engineering training

Course Contents


The biggest attack vector. Staff learn how malicious emails are crafted and how to spot them.



Phone based attacks often used to gather intelligence for another attack. Staff learn how to spot & stop this attack.


A physical attack to gain access to your business & data. Staff learn strategies for challenging these attacks.

Counter measures

See the business impact of successful attacks and learn ways to improve security within their organisation.




Staff training on information security is a crucial part of risk mitigation under the GDPR. Companies who cannot show measurable compliance risk heavy fines. The ICO states that companies should train their staff to be aware of phishing, vishing & impersonation attacks as part of their data protection training.



By having your staff complete a NCSC certified social engineering training course you can demonstrate a commitment to cyber security to your clients.



Staff don’t have to be a security weakness, with the right training they can be your greatest defence.

Why Us



Our course is NCSC certified which is an industry recognised benchmark for cyber security training quality.



With our background in one of the U.K Police Cyber Crime Units we understand the threat well.



We are subject matter experts who speak at events around the world on cyber security & social engineering.



We provide high quality training that is fun & interactive and managed from start to finish.

What People are Saying

Futures Housing Group

“Red Goat were really helpful in tailoring a course to our needs. The trainer was really engaging.”

Futures Housing group
Bristol Airport

“Red Goat were very helpful and provided an excellent training course that was really engaging and helpful to a wide range of our staff”.

Bath hospital

“Excellent course and great scenarios. We would recommend this course to anyone, really informative and relaxed. Rarely is there a course that is both informative and enjoyable. Really good.”

Take control of your cyber security and contact us now...


By submitting your message and your phone number and/or email address, you are permitting us to contact you by these means in response to your enquiry or feedback. You also acknowledge that you have read our privacy terms and that you consent to our processing data in accordance with them.Read our privacy policy here


Who is the course for?

This is a face-to-face awareness level course. It is suitable for all company staff and has been designed to be practical and easily understood by anyone. Our clients often employ it to provide their “high risk” staff with more in-depth training.

Who is the trainer?

All our NCSC certified social engineering courses are taught by award-winning cyber security expert Lisa Forte.

Where do you run the courses?

The courses are run at a venue of your choice. We are able to run the courses anywhere in the world and we frequently run courses in the UK, Europe and the USA.

Do students get a certificate?

Students get a certificate of completion of a GCHQ accredited course to evidence their training. This benefits their CPD and demonstrates your commitment to cyber security both to your clients & the ICO under the GDPR.

How long is the course?

The course lasts for 4 hours Including the exam. This means your staff don’t miss an entire day off work so the course causes minimal operational disruption.
Alternatively there is a 2 hour, non-NCSC certified course which has the core elements of the 4 hour course but is not certified by GCHQ. Contact us for more information.

Why NCSC Certified Training?

With the abundance of cyber security training courses on offer it can be difficult for customers to identify highly competent trainers and good quality courses. NCSC Certified Training (NCT) addresses this issue- providing customers with a choice of rigorously assessed training providers, thus they can feel confident they’ll receive training that is consistent with industry best practice.

What is the difference between cyber security training & social engineering training?

Social engineering is one of the largest cyber attack vectors being used. Your human firewall (your staff) need to be able to identify & defend against attempted attacks to protect the company & themselves. Social engineering is a huge part of cyber security. Your I.T team should focus on the technical parts of cyber security & your staff should focus on social engineering threats.

 The APMG swirl device logo is a trademark of The APM Group Ltd. Use of this trademark on this with website has been authorised solely for marketing purposes. All rights reserved.

Related Content

Rebuilding after a cyber attack

Rebuilding after a cyber attack

We talk a lot about handling the initial car crash of a breach. What to do first, the comms that need to go out and the reporting to regulators. This all happens within the first few hours or days of a breach being discovered. What about after that? Last week I ran...

Would You Fall For A $35m Voice Cloning Attack?

Would You Fall For A $35m Voice Cloning Attack?

A high tech vishing attack utilising voice cloning has lost a UAE bank 35 Million USD. What happened? According to the court documents: the Victim Company’s branch manager received a phone call that claimed to be from the company headquarters. The caller sounded like...