red-goat.com
Open in
urlscan Pro
2a06:98c1:3121::3
Public Scan
Submitted URL: http://red-goat.com/
Effective URL: https://red-goat.com/
Submission: On September 14 via manual from IN — Scanned from NL
Effective URL: https://red-goat.com/
Submission: On September 14 via manual from IN — Scanned from NL
Form analysis 2 forms found in the DOM
GET /
<form class="search-form" method="get" action="/">
<div class="container"> <input type="text" name="s" placeholder="Search..." class="search-input" autocomplete="off"> <button type="submit">Go</button></div>
</form>POST /#wpcf7-f483-p6-o1
<form action="/#wpcf7-f483-p6-o1" method="post" class="wpcf7-form init" aria-label="Contact form" novalidate="novalidate" data-status="init">
<div style="display: none;"> <input type="hidden" name="_wpcf7" value="483"> <input type="hidden" name="_wpcf7_version" value="5.8"> <input type="hidden" name="_wpcf7_locale" value="en_GB"> <input type="hidden" name="_wpcf7_unit_tag"
value="wpcf7-f483-p6-o1"> <input type="hidden" name="_wpcf7_container_post" value="6"> <input type="hidden" name="_wpcf7_posted_data_hash" value=""> <input type="hidden" name="_wpcf7_recaptcha_response" value=""></div>
<p><span class="wpcf7-form-control-wrap" data-name="Helpyouwith"><select class="wpcf7-form-control wpcf7-select" aria-invalid="false" name="Helpyouwith">
<option value="What can we help you with">What can we help you with</option>
<option value="Training/Webinars">Training/Webinars</option>
<option value="Exercising">Exercising</option>
<option value="Crisis Consultancy">Crisis Consultancy</option>
<option value="Speaking at an Event">Speaking at an Event</option>
</select></span></p>
<p><span class="wpcf7-form-control-wrap" data-name="your-name"><input size="40" class="wpcf7-form-control wpcf7-text wpcf7-validates-as-required" aria-required="true" aria-invalid="false" placeholder="Name" value="" type="text"
name="your-name"></span></p>
<p><span class="wpcf7-form-control-wrap" data-name="CompanyName"><input size="40" class="wpcf7-form-control wpcf7-text" aria-invalid="false" placeholder="Company Name" value="" type="text" name="CompanyName"></span></p>
<p><span class="wpcf7-form-control-wrap" data-name="your-email"><input size="40" class="wpcf7-form-control wpcf7-email wpcf7-validates-as-required wpcf7-text wpcf7-validates-as-email" aria-required="true" aria-invalid="false"
placeholder="Company Email Address" value="" type="email" name="your-email"></span></p>
<p><span class="wpcf7-form-control-wrap" data-name="PhoneNumber"><input size="40" class="wpcf7-form-control wpcf7-tel wpcf7-text wpcf7-validates-as-tel" aria-invalid="false" placeholder="Phone Number" value="" type="tel" name="PhoneNumber"></span>
</p>
<p><span class="wpcf7-form-control-wrap" data-name="your-message"><textarea cols="40" rows="10" class="wpcf7-form-control wpcf7-textarea" aria-invalid="false" placeholder="Message" name="your-message"></textarea></span></p> <span
class="wpcf7-form-control-wrap recaptcha" data-name="recaptcha"><span data-sitekey="6LeEaZEUAAAAALHago8k4GrGea9ZJDfNwCdNeh9r" class="wpcf7-form-control wpcf7-recaptcha g-recaptcha">
<div style="width: 304px; height: 78px;">
<div><iframe title="reCAPTCHA"
src="https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEaZEUAAAAALHago8k4GrGea9ZJDfNwCdNeh9r&co=aHR0cHM6Ly9yZWQtZ29hdC5jb206NDQz&hl=en-GB&v=uEf7E1417z6GNSkRx7AyL8K8&size=normal&cb=mysmlgsc5s75" width="304"
height="78" role="presentation" name="a-yrf4hvwttjnb" frameborder="0" scrolling="no" sandbox="allow-forms allow-popups allow-same-origin allow-scripts allow-top-navigation allow-modals allow-popups-to-escape-sandbox"></iframe></div>
<textarea id="g-recaptcha-response" name="g-recaptcha-response" class="g-recaptcha-response" style="width: 250px; height: 40px; border: 1px solid rgb(193, 193, 193); margin: 10px 25px; padding: 0px; resize: none; display: none;"></textarea>
</div><iframe style="display: none;"></iframe>
</span> <noscript>
<div class="grecaptcha-noscript"> <iframe src="https://www.google.com/recaptcha/api/fallback?k=6LeEaZEUAAAAALHago8k4GrGea9ZJDfNwCdNeh9r" frameborder="0" scrolling="no" width="310" height="430"> </iframe><textarea name="g-recaptcha-response"
rows="3" cols="40" placeholder="reCaptcha Response Here"> </textarea></div>
</noscript> </span>
<div class="align-right">
<p><button type="submit" class="wpcf7-submit button">Submit<div class="graphic"></div>
<div class="arrow"></div>
</button></p>
</div>
<p style="display: none !important;"><label>Δ<textarea name="_wpcf7_ak_hp_textarea" cols="45" rows="8" maxlength="100"></textarea></label><input type="hidden" id="ak_js_1" name="_wpcf7_ak_js" value="1694708077873">
<script>
document.getElementById("ak_js_1").setAttribute("value", (new Date()).getTime());
</script>
</p>
<div class="wpcf7-response-output" aria-hidden="true"></div><input type="hidden" name="vx_width" value="1600"><input type="hidden" name="vx_height" value="1200"><input type="hidden" name="vx_url" value="https://red-goat.com/">
</form>Text Content
We value your privacy We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies. Customize Reject All Accept All Customize Consent Preferences We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below. The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... Show more NecessaryAlways Active Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data. No cookies to display. Functional Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features. No cookies to display. Analytics Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc. No cookies to display. Performance Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors. No cookies to display. Advertisement Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns. No cookies to display. Accept All Save My Preferences Reject All Powered by * Training * Social Engineering Training Course * Crisis Management Training * Executive Briefings * Webinars * Cyber Crisis Exercise * Crisis Management Services * Insider Threat * About * Resources * Download The Complete Guide to Running a Cybersecurity Tabletop Exercise * Case Studies * Blog * Smishing * Vishing * Insider Threat * Insider Threat Report * Contact Go TRAINING, EXERCISING AND CONSULTANCY TO HELP DEFEND YOUR ORGANISATION AGAINST CYBER THREATS Get in touch CYBER SECURITY TRAINING AND EXERCISING TO PROTECT YOUR COMPANY FROM CYBER THREATS JOIN THE THOUSANDS OF STUDENTS THAT HAVE ENJOYED OUR CYBER SECURITY TRAINING CYBER SECURITY TRAINING Improve your human defences to cyber threats. Increase understanding and participation in cyber hygiene best practice through training that engages and informs. We provide bespoke, virtual and online atraining courses across a range of cyber security topics including insider threats, social engineering, cyber hygiene and the importance of reporting mistakes. Start training today CYBER EXERCISES A realistic, scenario based cyber crisis exercise is the number one way to improve your response to a cyber incident. Organisations that prepare and practice for cyber incidents recover faster and significantly reduce the costs of an incident. Our exercises build the confidence and competence of your crisis management team, put your plans and frameworks to the test and help your organisation improve its resilience. Learn more about cyber exercising IMPROVE YOUR RESPONSE TO A POTENTIAL CYBER ATTACK BUILDING YOUR CYBER CRISIS RESILIENCE IS A CRUCIAL PART OF DEFENDING YOUR ORGANISATION CRISIS MANAGEMENT SERVICES Clearly written plans and frameworks are a key part of the incident planning process. They need to be useable and the people responsible for orchestrating the response must be well trained in using them. We provide a suite of crisis management services to help you build lasting resilience as an organisation. Learn more INSIDER THREAT PROGRAM DEVELOPMENT AND TRAINING Intentional insider threats are a growing problem. While mistakes are responsible for the majority of incidents, intentional insider threats resulting in theft of IP, fraud or sabotage are far more costly and can seriously impact an organisation’s profitability and reputation. We provide a range of services and training that helps you build an effective, supportive and employee led insider threat program. In line with NIST guidelines, we have developed a simple 10 step process to benchmark and develop your insider threat program. Learn more DEFEND YOUR ORGANISATION AGAINST INTENTIONAL INSIDER THREATS BUSINESSES WE’VE HELPED. “I was hugely impressed by the Social Engineering Awareness Course run by Red Goat Cyber Security. It is one of the first courses I’ve encountered where those who attended it have continued to talk about it long afterwards; a sure sign that the key messages imparted by the trainer have stuck. “ JOHN STANLEY MBCI, RISK & RESILIENCE MANAGER – UCAS “I was delighted with how Red Goat Cyber Security delivered the cyber security table top exercise. We have learnt valuable lessons to further improve our plans, processes and check lists and would highly recommend them to other organisations” SALISBURY NATIONAL HEALTH SERVICE TRUST “Excellent course and great scenarios. We would recommend this course to anyone, really informative and relaxed. Rarely is there a course that is both informative and enjoyable. Really good.” ROYAL UNITED HOSPITALS BATH “Red Goat were able to provide informative and engaging courses on social engineering that opened the eyes of many of our users to threats and malicious patterns of behaviour. The courses were well organised, well delivered and appealed to a wide array of colleagues of all ability levels.” VERTASE FLI “Red Goat Cyber Security continue to be an essential business partner to help us deliver engaging, insightful and professional experiences for our people and executive teams to teach them how to defend against cyber-attacks. Lisa, in particular brings such an energy and experience on cyber crisis and insider threats that really engages with the audience.” PINSENT MASONS LLP “Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff. Lisa manages to get everyone excited about Information Security with her authentic and engaging presentation style. We are proud to call Red Goat Cyber Security one of our key security training providers.” HISCOX INSURANCE “Red Goat were really helpful in tailoring a course to our needs. The trainer was really engaging.” FUTURES HOUSING GROUP “Red Goat were very helpful and provided an excellent training course that was really engaging and helpful to a wide range of our staff”. BRISTOL AIRPORT “I was hugely impressed by the Social Engineering Awareness Course run by Red Goat Cyber Security. It is one of the first courses I’ve encountered where those who attended it have continued to talk about it long afterwards; a sure sign that the key messages imparted by the trainer have stuck. “ JOHN STANLEY MBCI, RISK & RESILIENCE MANAGER – UCAS “I was delighted with how Red Goat Cyber Security delivered the cyber security table top exercise. We have learnt valuable lessons to further improve our plans, processes and check lists and would highly recommend them to other organisations” SALISBURY NATIONAL HEALTH SERVICE TRUST “Excellent course and great scenarios. We would recommend this course to anyone, really informative and relaxed. Rarely is there a course that is both informative and enjoyable. Really good.” ROYAL UNITED HOSPITALS BATH “Red Goat were able to provide informative and engaging courses on social engineering that opened the eyes of many of our users to threats and malicious patterns of behaviour. The courses were well organised, well delivered and appealed to a wide array of colleagues of all ability levels.” VERTASE FLI “Red Goat Cyber Security continue to be an essential business partner to help us deliver engaging, insightful and professional experiences for our people and executive teams to teach them how to defend against cyber-attacks. Lisa, in particular brings such an energy and experience on cyber crisis and insider threats that really engages with the audience.” PINSENT MASONS LLP “Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff. Lisa manages to get everyone excited about Information Security with her authentic and engaging presentation style. We are proud to call Red Goat Cyber Security one of our key security training providers.” HISCOX INSURANCE “Red Goat were really helpful in tailoring a course to our needs. The trainer was really engaging.” FUTURES HOUSING GROUP “Red Goat were very helpful and provided an excellent training course that was really engaging and helpful to a wide range of our staff”. BRISTOL AIRPORT “I was hugely impressed by the Social Engineering Awareness Course run by Red Goat Cyber Security. It is one of the first courses I’ve encountered where those who attended it have continued to talk about it long afterwards; a sure sign that the key messages imparted by the trainer have stuck. “ JOHN STANLEY MBCI, RISK & RESILIENCE MANAGER – UCAS “I was delighted with how Red Goat Cyber Security delivered the cyber security table top exercise. We have learnt valuable lessons to further improve our plans, processes and check lists and would highly recommend them to other organisations” SALISBURY NATIONAL HEALTH SERVICE TRUST “Excellent course and great scenarios. We would recommend this course to anyone, really informative and relaxed. Rarely is there a course that is both informative and enjoyable. Really good.” ROYAL UNITED HOSPITALS BATH GET IN TOUCH TO DISCUSS HOW WE CAN HELP YOU ACHIEVE YOUR SECURITY AWARENESS OR RESILIENCE GOALS. By submitting your message and your phone number and/or email address, you are permitting us to contact you by these means in response to your enquiry or feedback. You also acknowledge that you have read our privacy terms and that you consent to our processing data in accordance with them. Read our privacy policy here. What can we help you withTraining/WebinarsExercisingCrisis ConsultancySpeaking at an Event Submit Δ CYBER SECURITY ARTICLES View all articles LEAK OF THE WEEK: 711M EMAIL ADDRESSES A French malware researcher has found an online database of 711 million email addresses, in some cases with the associated passwords for that account. The list […] Read more SOUTH KOREA 2 : TRUST, CYBER-SECURITY AND WANNACRY In my first article on South Korea I looked at some unique solutions to protecting citizens and businesses from the cyber threat. In this second article on […] Read more SOUTH KOREA 1: ON THE ALERT In the first of two blog articles on cyber security and tech in South Korea, I am looking at the pervasive use of technology in […] Read more KEY RISK INDICATORS IN CYBER SECURITY Understanding key risk indicators (KRIs) in cybersecurity In the constantly evolving landscape of cybersecurity, key risk indicators (KRIs) play a crucial role in measuring and […] Read more HOW TO WRITE AN EFFECTIVE RANSOMWARE PLAYBOOK Ransomware playbooks contain detailed instructions on what to do in the event of a ransomware attack. Read our guide to getting started with developing a ransomware playbook for your organisation. Read more HOW TO GET EXEC APPROVAL FOR A CYBER EXERCISE Testing your response to a cyber-attack will save you resources in the event of a real incident, but for many organisations taking the first step in exercising can seem like a big commitment in time and energy. Here are some top tips on getting exec approval for a cyber exercise. Read more GET STARTED WITH CRISIS COMMUNICATION PLANNING Cyber-attacks are no longer outlier events. In fact, the old saying of “it’s not if – but when” has sadly proven true for many organisations. For this reason many organisations are now heavily focused on planning and preparing for a cyber-attack and increasing their levels of resilience, response and redundancy to enable them to survive. Read more 7 EXAMPLES OF CYBER TABLETOP EXERCISES Would you know how to respond if your organisation was hit by a cyber attack? Running a cyber tabletop exercise allows you to prepare and test responses in a safe environment. But what type of cyber incident should you use in your exercise? Here are seven examples of cyber tabletop exercises that you could consider running for your crisis team. Read more A BIG CHANGE FOR FUTURE CYBER-ATTACK VICTIMS IN FRANCE? A big change is coming in France. From April 24th this year cyber attack victims will now have 72 hours… Read more MONERO AND THE RISE OF PRIVACY COINS IN RANSOM DEMANDS Bitcoin has been synonymous with ransomware for as long as cybercriminals have been encrypting hard drives. Now ransoms are increasingly being demanded in alternative cryptocurrencies […] Read more PREPARING FOR A RANSOMWARE ATTACK: PAYMENT Another year passes and we are still not seeing the significant dip in ransomware and double extortion… Read more THE COMPLETE GUIDE TO RUNNING A CYBERSECURITY TABLETOP EXERCISE What is a cybersecurity tabletop exercise? A tabletop exercise is an engaging and realistic simulation of a cyber crisis situation. It tests human and managerial […] Read more RANSOMWARE – NOT JUST FLYING SOUTH FOR THE WINTER. In 2022 major ransomware groups have been looking for new profitable markets, and their gaze has fallen… Read more CAN CRYPTOCURRENCY PLATFORMS CLAIM PAYING ATTACKERS IS A “WHITE HAT BOUNTY”? Today I want to talk about bug bounties. You are probably sitting there thinking you have heard every… Read more LISA FORTE – DARKNET DIARIES One of our Partners, Lisa Forte, was asked to be a guest on what is perhaps the most popular and influential… Read more LLOYD’S OF LONDON EXCLUDE NATION-BACKED CYBER ATTACKS FROM INSURANCE Lloyds of London has announced that from 2023 all of its insurer groups will have to exclude “catastrophic”… Read more OFAC SANCTIONS TORNADO CASH: WHAT THIS MEANS FOR RANSOMWARE PAYMENTS In early August the U.S Treasury’s Office of Foreign Assets Control (OFAC) sanctioned another popular… Read more LISA FORTE TALKS ABOUT TABLE-TOP EXERCISES ON MIMECAST’S PHISHY BUSINESS Listen to the episode here: Listen on Spotify Episode Description: In this episode of Phishy Business, we take a look at cyber crisis exercises and […] Read more THE VITALLY IMPORTANT ROLE OF LOGGISTS IN A CYBER INCIDENT Who? Why? When your crisis management team (CMT) meet they are usually gathered to handle a crisis. They have to operate in high pressure situations […] Read more AWS/CAPITAL ONE HACKER JAILED FOR MASSIVE DATA THEFT AND ILLICIT CRYPTO MINING “She wanted data, she wanted money and she wanted to brag” This was what Assistant United States Attorney Andrew Friedman said of Paige Thompson in […] Read more SUPPLY CHAIN SECURITY: RENAISSANCE OR RETROGRESSION? Overall we have a low level of visibility and understanding of our supply chains. Horizon scanning for threats and vulnerabilities needs to extend into this […] Read more MAERSK INCIDENT RESPONSE Updated April 2023 Fire drills are commonplace. We test the alarms, the evacuation procedures and the fire marshals get to practice their roles. In a […] Read more ARE ALL INSIDER THREATS BAD APPLES? The “bad apples” argument for insider threats is simply too reductionist. Here is why: When an intentional insider threat manifests it is a product of […] Read more 3 EASY TRAPS YOUR CRISIS MANAGEMENT TEAM COULD FALL INTO AND HOW TO PREVENT THEM Your Crisis Management Team, CMT, helps prepare your organisation for an incident and manages the strategic response to any incidents or crisis that occurs. In […] Read more A NEW RANSOMWARE BUSINESS MODEL? 2020 and 2021 have seen some pretty epic ransoms being paid by companies that at one point in time you would have assumed would never […] Read more REBUILDING AFTER A CYBER ATTACK We talk a lot about handling the initial car crash of a breach. What to do first, the comms that need to go out and […] Read more WOULD YOU FALL FOR A $35M VOICE CLONING ATTACK? A high tech vishing attack utilising voice cloning has lost a UAE bank 35 Million USD. What happened? According to the court documents: the Victim […] Read more DEFCON TALK: USING SE TO CREATE INSIDER THREATS AND WIN ALL THE THINGS Lisa Forte’s Defcon 2021 talk on social engineering and insider threat. Transcript to follow. Read more THE GOLD-SILVER-BRONZE COMMAND STRUCTURE The Gold-Silver-Bronze or ‘GSB’ command structure was rooted in and developed heavily by the UK emergency services. It was designed to establish a clear hierarchical […] Read more INSIDER THEFT OF $119M WORTH OF COCA COLA IP What happened? An engineer who worked for Coca Cola and other manufacturers is alleged to have stolen valuable trade secrets in order to set up […] Read more TESLA INSIDER THREAT CASE (KHATILOV) Tesla Insider Threat Case Study According to the official Filing, Tesla is suing a former employee and software engineer named Alex Khatilov alleging trade secret […] Read more WARGAMING, CYBER ATTACKS AND ASTRONAUT THINKING CEO Digital Show This week Lisa was on the CEO Digital show discussing Wargaming, Cyberattacks, Protecting Against Romance Fraud, & ‘Astronaut Thinking’ in Leadership. Key points […] Read more THE 5 BEST WAYS TO SPOT TV LICENCE PHISHING EMAILS TV Licence Phishing Emails In the UK a licence is required to watch live TV in the home. With lockdown continuing and people’s reliance on […] Read more WHAT IS VISHING? What is vishing? How to How to defend your organisation against telephone-based vishing scams Read more BEHAVIOUR CHANGE IN YOUR ORGANISATION (SHORT VIDEO) Getting your staff to change their security behaviour It is often submitted that fear is bad. Actually, from a behavioural science perspective we know fear […] Read more HACKED! RIGHT MATCH SINGLES SUFFERS A DATA BREACH.. Cyber Security Awareness Month Special: “Hacked” What would you do if your company was hit by a cyber attack? Do you have a plan? A […] Read more GET STAFF ENGAGED FOR CYBERSECURITY AWARENESS MONTH October is ECSM, a month-long European event promoting good cyber security practices and safety. This years themes are: 1. Cyber First Aid:What to do in […] Read more CV19 AND KASPERSKY NEXT At the Kaspersky NEXT event, Cyber Volunteers 19 (CV19) Co-founder and partner at Red Goat Cyber Security, Lisa Forte discussed with Kaspersky’s Read more PRE-ELECTION TRICKS GOES DEEPER THAN SOCIAL MEDIA. How pre-election manipulation goes deeper than social media. A critical moment is almost upon us. It will be a test of the protections we’ve tried […] Read more INSIDER THREAT $800K ROGUE ADMIN Rogue Admin: Disgruntled former IT admin Charles E. Taylor quit his job at an unnamed Atlanta based distribution company before going on a sabotage spree costing the company $800,000 USD to redress. Read more LISA FORTE ON SMASHING SECURITY PODCAST 178: Office pranks, meat dresses, and robocop dogs May 14th, 2020 | 50 mins 42 secs coronavirus, data breach, email storm, hacking, k2, lady gaga, microsoft, […] Read more PERMISSIONS CREEP Permissions Creep, also known as privilege creep, is what happens when an employee moves between roles in an organisation and keeps the access or permissions of the previous role. Read more SHOULD YOUR COMPANY BAN ZOOM? As several businesses ditch the popular conferencing tool, Lisa Forte, partner at Red Goat Cyber Security, calls for calm Zoom, the free to use video conferencing […] Read more CYBER VOLUNTEERS 19 Do you work in cyber security? Why not sign up to volunteer to help protect healthcare providers during the Covid-19 pandemic. Read more LISA FORTE ON RANDOM BUT MEMORABLE PODCAST Comically Bad Ultrasonic Berry with Lisa Forte Description Do we need more positivity in cybersecurity? And are bananas a type of berry? Join us, as […] Read more WHY RUN A CYBER EXERCISE? Your company could have the most detailed response plans in the world but if they have not been tested they may well be useless when they are most needed. A cyber security incident is not a good time for seeing if your plans actually work. Read more INSIDER THREAT FRAUD: £4.6M IN SELF-SIGNED INVOICES Of the three categories of insider threat; theft, fraud and sabotage, insider threat fraud is often the most complex, inventive and difficult to detect. This […] Read more LISA FORTE INTERVIEW WITH DIGIT MAGAZINE LISA FORTE INTERVIEW WITH DIGIT MAGAZINE Lisa Forte, partner and cyber threat specialist at Red Goat Cyber, shares her insights about the ‘insider threat’ and […] Read more AMAZON RING INSIDER THREAT Ring, the Amazon owned home-security company, has admitted firing four employees who accessed users’ videos. The employees had access to the video feeds but exceeded their authorised access by viewing them. This has undoubtedly caused embarrassment for Ring. Read more THE FACEBOOK INSIDER Friday the 13th is a day that has been long associated with bad omens. This became a reality for almost 30,000 Facebook staff though on […] Read more TREND MICRO INSIDER BREACH The Tokyo based cyber security company Trend Micro has revealed it has been the victim of a sophisticated insider threat attack. Customer records were accessed […] Read more INSIDER THREAT: FORMER SEC INVESTIGATOR CHARGED The SEC investigator was charged with several crimes including unauthorized computer access and disclosure of confidential information. The defendant, Mr. Cohn, was the MD and […] Read more HOW VOICE ASSISTANTS CAN BE USED TO PHISH PASSWORDS We have seen a wealth of articles on the security and privacy issues around voice assistants. This week I came across and new and far […] Read more RED GOAT INSIDER THREAT REPORT Insider Threat Report 2019 finally released! Red Goat Cyber Security are proud to announce the results of their research into insider threat reporting. The research […] Read more 3 STEPS TO MAKE CYBER SECURITY AWARENESS MONTH A SUCCESS October is Cyber Security Awareness Month! A lot of our clients are busy preparing events and internal campaigns to increase awareness of cyber related issues […] Read more RED GOAT FINALISTS FOR COMPUTER SECURITY AWARDS 2019 Red Goat Cyber Security has been recognised as a finalist in the 2019 Computing Security Awards. Partner and Co-founder, Lisa Forte, has been selected as […] Read more TEISS PODCAST ON INSIDER THREAT “I really enjoyed making this podcast with Anna Delaney. She always asks hard interesting questions and it was great fun to discuss some of the […] Read more TALES FROM THE ROAD: OSINT IN THE WASHROOM I recently went for a meeting at a company’s office. This company had a few floors in a shared office building. Due to a large […] Read more ONLINE RADICALISATION AND SOCIAL ENGINEERING Online radicalisation and social engineering There has been a lot of media coverage here in the UK about a young woman who previously left the […] Read more PARIS RIOTS, SOCIAL PROOF AND CORPORATE SECURITY I was recently hired to speak at an event in Paris. I love the city however this particular visit was during an unfortunate time. Paris […] Read more THE HUSTLERS OF NAPLES Social engineering is a fascinating and diverse attack vector because it exploits human nature and people are generally predictable in their responses. We focus on […] Read more SIMONE – A SOCIAL MEDIA INVESTIGATION Speaking around the world about social engineering one question comes up almost every time. Why is social engineering so successful? A key success factor in […] Read more INTERVIEW WITH DIGIT Social engineering and social media risks Here’s a link to an interview with DIGIT who organise the excellent Scot-Secure event in Edinburgh (among many other […] Read more RECONNAISSANCE FOR SOCIAL ENGINEERING: TALES FROM THE ROAD Social engineering reconaissance When it comes to reconnaissance and open source intelligence, research often seems like a digital battle. Using endless pieces of software, sites […] Read more WEBINAR: THINK LIKE A HACKER We recently did a webinar with APMG on why you need to think like a hacker. They have uploaded it here: https://apmg-international.com/events/why-you-need-start-thinking-hacker Read more CAN I BORROW YOUR SWIPECARD? This case involves an accountancy firm based in South East England. The firm had just lost a big client and as a result had to make some cuts which included letting a few members of staff go. Read more STAY CALM AND (DON’T) PAY THE HACKERS This social engineering case study highlights how attackers can use curiosity, urgency and fear to manipulate victims into breaking company protocols and get a finance employee to willingly transfer £152,000 into the attackers bank account. Read more THE ENTHUSIASTIC LAW STUDENT This case involves a law firm based in the south of England. The firm was of a reasonable size and, like most law firms, held a lot of very sensitive customer data. Read more CRIMINAL JUSTICE EVOLUTION PODCAST Patrick Fitzgibbons was kind enough to invite me on to his US based Criminal Justice Evolution podcast. We talked about the social engineering threats facing […] Read more THE NOT-SO-SECRET LIFE OF BOARDING PASSES Have you ever thought about what your boarding pass might say about you? I don’t mean “oh look at me, I’m flying in Emirates Business Class”, but what data you might be leaking publicly on that anachronistic piece of paper you discard in the seat in front of you. Turns out it is an awful lot more than you think… Read more THE PRISONERS DILEMMA AND INTELLIGENCE SHARING Cybercrime is increasing year on year. The 2017 cyber breaches survey shows that almost half of UK firms have been hit by cyber breach or […] Read more EQUIFAX LEAK In the latest in a truly blockbuster year for data leaks, American credit reporting company Equifax has announced the loss of highly sensitive data belonging […] Read more LEAK OF THE WEEK: 711M EMAIL ADDRESSES A French malware researcher has found an online database of 711 million email addresses, in some cases with the associated passwords for that account. The list […] Read more SOUTH KOREA 2 : TRUST, CYBER-SECURITY AND WANNACRY In my first article on South Korea I looked at some unique solutions to protecting citizens and businesses from the cyber threat. In this second article on […] Read more SOUTH KOREA 1: ON THE ALERT In the first of two blog articles on cyber security and tech in South Korea, I am looking at the pervasive use of technology in […] Read more KEY RISK INDICATORS IN CYBER SECURITY Understanding key risk indicators (KRIs) in cybersecurity In the constantly evolving landscape of cybersecurity, key risk indicators (KRIs) play a crucial role in measuring and […] Read more HOW TO WRITE AN EFFECTIVE RANSOMWARE PLAYBOOK Ransomware playbooks contain detailed instructions on what to do in the event of a ransomware attack. Read our guide to getting started with developing a ransomware playbook for your organisation. Read more HOW TO GET EXEC APPROVAL FOR A CYBER EXERCISE Testing your response to a cyber-attack will save you resources in the event of a real incident, but for many organisations taking the first step in exercising can seem like a big commitment in time and energy. Here are some top tips on getting exec approval for a cyber exercise. Read more GET STARTED WITH CRISIS COMMUNICATION PLANNING Cyber-attacks are no longer outlier events. In fact, the old saying of “it’s not if – but when” has sadly proven true for many organisations. For this reason many organisations are now heavily focused on planning and preparing for a cyber-attack and increasing their levels of resilience, response and redundancy to enable them to survive. Read more 7 EXAMPLES OF CYBER TABLETOP EXERCISES Would you know how to respond if your organisation was hit by a cyber attack? Running a cyber tabletop exercise allows you to prepare and test responses in a safe environment. But what type of cyber incident should you use in your exercise? Here are seven examples of cyber tabletop exercises that you could consider running for your crisis team. Read more A BIG CHANGE FOR FUTURE CYBER-ATTACK VICTIMS IN FRANCE? A big change is coming in France. From April 24th this year cyber attack victims will now have 72 hours… Read more MONERO AND THE RISE OF PRIVACY COINS IN RANSOM DEMANDS Bitcoin has been synonymous with ransomware for as long as cybercriminals have been encrypting hard drives. Now ransoms are increasingly being demanded in alternative cryptocurrencies […] Read more PREPARING FOR A RANSOMWARE ATTACK: PAYMENT Another year passes and we are still not seeing the significant dip in ransomware and double extortion… Read more THE COMPLETE GUIDE TO RUNNING A CYBERSECURITY TABLETOP EXERCISE What is a cybersecurity tabletop exercise? A tabletop exercise is an engaging and realistic simulation of a cyber crisis situation. It tests human and managerial […] Read more RANSOMWARE – NOT JUST FLYING SOUTH FOR THE WINTER. In 2022 major ransomware groups have been looking for new profitable markets, and their gaze has fallen… Read more CAN CRYPTOCURRENCY PLATFORMS CLAIM PAYING ATTACKERS IS A “WHITE HAT BOUNTY”? Today I want to talk about bug bounties. You are probably sitting there thinking you have heard every… Read more LISA FORTE – DARKNET DIARIES One of our Partners, Lisa Forte, was asked to be a guest on what is perhaps the most popular and influential… Read more LLOYD’S OF LONDON EXCLUDE NATION-BACKED CYBER ATTACKS FROM INSURANCE Lloyds of London has announced that from 2023 all of its insurer groups will have to exclude “catastrophic”… Read more OFAC SANCTIONS TORNADO CASH: WHAT THIS MEANS FOR RANSOMWARE PAYMENTS In early August the U.S Treasury’s Office of Foreign Assets Control (OFAC) sanctioned another popular… Read more LISA FORTE TALKS ABOUT TABLE-TOP EXERCISES ON MIMECAST’S PHISHY BUSINESS Listen to the episode here: Listen on Spotify Episode Description: In this episode of Phishy Business, we take a look at cyber crisis exercises and […] Read more THE VITALLY IMPORTANT ROLE OF LOGGISTS IN A CYBER INCIDENT Who? Why? When your crisis management team (CMT) meet they are usually gathered to handle a crisis. They have to operate in high pressure situations […] Read more AWS/CAPITAL ONE HACKER JAILED FOR MASSIVE DATA THEFT AND ILLICIT CRYPTO MINING “She wanted data, she wanted money and she wanted to brag” This was what Assistant United States Attorney Andrew Friedman said of Paige Thompson in […] Read more SUPPLY CHAIN SECURITY: RENAISSANCE OR RETROGRESSION? Overall we have a low level of visibility and understanding of our supply chains. Horizon scanning for threats and vulnerabilities needs to extend into this […] Read more MAERSK INCIDENT RESPONSE Updated April 2023 Fire drills are commonplace. We test the alarms, the evacuation procedures and the fire marshals get to practice their roles. In a […] Read more ARE ALL INSIDER THREATS BAD APPLES? The “bad apples” argument for insider threats is simply too reductionist. Here is why: When an intentional insider threat manifests it is a product of […] Read more 3 EASY TRAPS YOUR CRISIS MANAGEMENT TEAM COULD FALL INTO AND HOW TO PREVENT THEM Your Crisis Management Team, CMT, helps prepare your organisation for an incident and manages the strategic response to any incidents or crisis that occurs. In […] Read more A NEW RANSOMWARE BUSINESS MODEL? 2020 and 2021 have seen some pretty epic ransoms being paid by companies that at one point in time you would have assumed would never […] Read more REBUILDING AFTER A CYBER ATTACK We talk a lot about handling the initial car crash of a breach. What to do first, the comms that need to go out and […] Read more WOULD YOU FALL FOR A $35M VOICE CLONING ATTACK? A high tech vishing attack utilising voice cloning has lost a UAE bank 35 Million USD. What happened? According to the court documents: the Victim […] Read more DEFCON TALK: USING SE TO CREATE INSIDER THREATS AND WIN ALL THE THINGS Lisa Forte’s Defcon 2021 talk on social engineering and insider threat. Transcript to follow. Read more THE GOLD-SILVER-BRONZE COMMAND STRUCTURE The Gold-Silver-Bronze or ‘GSB’ command structure was rooted in and developed heavily by the UK emergency services. It was designed to establish a clear hierarchical […] Read more INSIDER THEFT OF $119M WORTH OF COCA COLA IP What happened? An engineer who worked for Coca Cola and other manufacturers is alleged to have stolen valuable trade secrets in order to set up […] Read more TESLA INSIDER THREAT CASE (KHATILOV) Tesla Insider Threat Case Study According to the official Filing, Tesla is suing a former employee and software engineer named Alex Khatilov alleging trade secret […] Read more WARGAMING, CYBER ATTACKS AND ASTRONAUT THINKING CEO Digital Show This week Lisa was on the CEO Digital show discussing Wargaming, Cyberattacks, Protecting Against Romance Fraud, & ‘Astronaut Thinking’ in Leadership. Key points […] Read more THE 5 BEST WAYS TO SPOT TV LICENCE PHISHING EMAILS TV Licence Phishing Emails In the UK a licence is required to watch live TV in the home. With lockdown continuing and people’s reliance on […] Read more WHAT IS VISHING? What is vishing? How to How to defend your organisation against telephone-based vishing scams Read more BEHAVIOUR CHANGE IN YOUR ORGANISATION (SHORT VIDEO) Getting your staff to change their security behaviour It is often submitted that fear is bad. Actually, from a behavioural science perspective we know fear […] Read more HACKED! RIGHT MATCH SINGLES SUFFERS A DATA BREACH.. Cyber Security Awareness Month Special: “Hacked” What would you do if your company was hit by a cyber attack? Do you have a plan? A […] Read more GET STAFF ENGAGED FOR CYBERSECURITY AWARENESS MONTH October is ECSM, a month-long European event promoting good cyber security practices and safety. This years themes are: 1. Cyber First Aid:What to do in […] Read more CV19 AND KASPERSKY NEXT At the Kaspersky NEXT event, Cyber Volunteers 19 (CV19) Co-founder and partner at Red Goat Cyber Security, Lisa Forte discussed with Kaspersky’s Read more PRE-ELECTION TRICKS GOES DEEPER THAN SOCIAL MEDIA. How pre-election manipulation goes deeper than social media. A critical moment is almost upon us. It will be a test of the protections we’ve tried […] Read more INSIDER THREAT $800K ROGUE ADMIN Rogue Admin: Disgruntled former IT admin Charles E. Taylor quit his job at an unnamed Atlanta based distribution company before going on a sabotage spree costing the company $800,000 USD to redress. Read more LISA FORTE ON SMASHING SECURITY PODCAST 178: Office pranks, meat dresses, and robocop dogs May 14th, 2020 | 50 mins 42 secs coronavirus, data breach, email storm, hacking, k2, lady gaga, microsoft, […] Read more PERMISSIONS CREEP Permissions Creep, also known as privilege creep, is what happens when an employee moves between roles in an organisation and keeps the access or permissions of the previous role. Read more SHOULD YOUR COMPANY BAN ZOOM? As several businesses ditch the popular conferencing tool, Lisa Forte, partner at Red Goat Cyber Security, calls for calm Zoom, the free to use video conferencing […] Read more CYBER VOLUNTEERS 19 Do you work in cyber security? Why not sign up to volunteer to help protect healthcare providers during the Covid-19 pandemic. Read more LISA FORTE ON RANDOM BUT MEMORABLE PODCAST Comically Bad Ultrasonic Berry with Lisa Forte Description Do we need more positivity in cybersecurity? And are bananas a type of berry? Join us, as […] Read more WHY RUN A CYBER EXERCISE? Your company could have the most detailed response plans in the world but if they have not been tested they may well be useless when they are most needed. A cyber security incident is not a good time for seeing if your plans actually work. Read more INSIDER THREAT FRAUD: £4.6M IN SELF-SIGNED INVOICES Of the three categories of insider threat; theft, fraud and sabotage, insider threat fraud is often the most complex, inventive and difficult to detect. This […] Read more LISA FORTE INTERVIEW WITH DIGIT MAGAZINE LISA FORTE INTERVIEW WITH DIGIT MAGAZINE Lisa Forte, partner and cyber threat specialist at Red Goat Cyber, shares her insights about the ‘insider threat’ and […] Read more AMAZON RING INSIDER THREAT Ring, the Amazon owned home-security company, has admitted firing four employees who accessed users’ videos. The employees had access to the video feeds but exceeded their authorised access by viewing them. This has undoubtedly caused embarrassment for Ring. Read more THE FACEBOOK INSIDER Friday the 13th is a day that has been long associated with bad omens. This became a reality for almost 30,000 Facebook staff though on […] Read more TREND MICRO INSIDER BREACH The Tokyo based cyber security company Trend Micro has revealed it has been the victim of a sophisticated insider threat attack. Customer records were accessed […] Read more INSIDER THREAT: FORMER SEC INVESTIGATOR CHARGED The SEC investigator was charged with several crimes including unauthorized computer access and disclosure of confidential information. The defendant, Mr. Cohn, was the MD and […] Read more HOW VOICE ASSISTANTS CAN BE USED TO PHISH PASSWORDS We have seen a wealth of articles on the security and privacy issues around voice assistants. This week I came across and new and far […] Read more RED GOAT INSIDER THREAT REPORT Insider Threat Report 2019 finally released! Red Goat Cyber Security are proud to announce the results of their research into insider threat reporting. The research […] Read more 3 STEPS TO MAKE CYBER SECURITY AWARENESS MONTH A SUCCESS October is Cyber Security Awareness Month! A lot of our clients are busy preparing events and internal campaigns to increase awareness of cyber related issues […] Read more RED GOAT FINALISTS FOR COMPUTER SECURITY AWARDS 2019 Red Goat Cyber Security has been recognised as a finalist in the 2019 Computing Security Awards. Partner and Co-founder, Lisa Forte, has been selected as […] Read more TEISS PODCAST ON INSIDER THREAT “I really enjoyed making this podcast with Anna Delaney. She always asks hard interesting questions and it was great fun to discuss some of the […] Read more TALES FROM THE ROAD: OSINT IN THE WASHROOM I recently went for a meeting at a company’s office. This company had a few floors in a shared office building. Due to a large […] Read more ONLINE RADICALISATION AND SOCIAL ENGINEERING Online radicalisation and social engineering There has been a lot of media coverage here in the UK about a young woman who previously left the […] Read more PARIS RIOTS, SOCIAL PROOF AND CORPORATE SECURITY I was recently hired to speak at an event in Paris. I love the city however this particular visit was during an unfortunate time. Paris […] Read more THE HUSTLERS OF NAPLES Social engineering is a fascinating and diverse attack vector because it exploits human nature and people are generally predictable in their responses. We focus on […] Read more SIMONE – A SOCIAL MEDIA INVESTIGATION Speaking around the world about social engineering one question comes up almost every time. Why is social engineering so successful? A key success factor in […] Read more INTERVIEW WITH DIGIT Social engineering and social media risks Here’s a link to an interview with DIGIT who organise the excellent Scot-Secure event in Edinburgh (among many other […] Read more RECONNAISSANCE FOR SOCIAL ENGINEERING: TALES FROM THE ROAD Social engineering reconaissance When it comes to reconnaissance and open source intelligence, research often seems like a digital battle. Using endless pieces of software, sites […] Read more WEBINAR: THINK LIKE A HACKER We recently did a webinar with APMG on why you need to think like a hacker. They have uploaded it here: https://apmg-international.com/events/why-you-need-start-thinking-hacker Read more CAN I BORROW YOUR SWIPECARD? This case involves an accountancy firm based in South East England. The firm had just lost a big client and as a result had to make some cuts which included letting a few members of staff go. Read more STAY CALM AND (DON’T) PAY THE HACKERS This social engineering case study highlights how attackers can use curiosity, urgency and fear to manipulate victims into breaking company protocols and get a finance employee to willingly transfer £152,000 into the attackers bank account. Read more THE ENTHUSIASTIC LAW STUDENT This case involves a law firm based in the south of England. The firm was of a reasonable size and, like most law firms, held a lot of very sensitive customer data. Read more CRIMINAL JUSTICE EVOLUTION PODCAST Patrick Fitzgibbons was kind enough to invite me on to his US based Criminal Justice Evolution podcast. We talked about the social engineering threats facing […] Read more THE NOT-SO-SECRET LIFE OF BOARDING PASSES Have you ever thought about what your boarding pass might say about you? I don’t mean “oh look at me, I’m flying in Emirates Business Class”, but what data you might be leaking publicly on that anachronistic piece of paper you discard in the seat in front of you. Turns out it is an awful lot more than you think… Read more THE PRISONERS DILEMMA AND INTELLIGENCE SHARING Cybercrime is increasing year on year. The 2017 cyber breaches survey shows that almost half of UK firms have been hit by cyber breach or […] Read more EQUIFAX LEAK In the latest in a truly blockbuster year for data leaks, American credit reporting company Equifax has announced the loss of highly sensitive data belonging […] Read more LEAK OF THE WEEK: 711M EMAIL ADDRESSES A French malware researcher has found an online database of 711 million email addresses, in some cases with the associated passwords for that account. The list […] Read more SOUTH KOREA 2 : TRUST, CYBER-SECURITY AND WANNACRY In my first article on South Korea I looked at some unique solutions to protecting citizens and businesses from the cyber threat. In this second article on […] Read more SOUTH KOREA 1: ON THE ALERT In the first of two blog articles on cyber security and tech in South Korea, I am looking at the pervasive use of technology in […] Read more Training * Social Engineering Training Course * Insider Threat Program Development and Training * Bespoke Cyber Security Training * Executive Briefings * Webinars Recent Posts * Key risk indicators in cyber security * How to write an effective ransomware playbook * How to get exec approval for a cyber exercise * Get started with crisis communication planning * 7 Examples of Cyber Tabletop Exercises 470 Bath Road, Bristol, BS4 3AP Tel: (+44) 117-325-9190 info@red-goat.com Contact Us Copyright © Red Goat 2023. All rights reserved. * Privacy & Cookie Policy * Terms & Conditions * Sitemap * Sitemap XML Company number: OC419953 VAT: GB303188036 Menu * Training * Social Engineering Training Course * Crisis Management Training * Executive Briefings * Webinars * Cyber Crisis Exercise * Crisis Management Services * Insider Threat * About * Resources * Download The Complete Guide to Running a Cybersecurity Tabletop Exercise * Case Studies * Blog * Smishing * Vishing * Insider Threat * Insider Threat Report * Contact