Skip to main content
All Solutions
Cyber Risk Essentials — Managed Cyber Awareness Program cybersecurity solution

Managed Cyber Awareness Program

Cyber Risk Essentials

Build Your Human Firewall

Overview

80–90% of breaches involve human interaction. The Cyber Risk Essentials Suite converts your most vulnerable point — your people — into your strongest line of defence. It combines automated phishing simulations, monthly self-paced training, quarterly instructor-led sessions, and executive coaching into a layered, managed programme that continuously measures and improves human security behaviour. Produces automated compliance reporting for cyber insurers and regulators.

Who It's For

Any organisation with employees — human risk is universal
Organisations looking to reduce cyber insurance premiums by demonstrating active controls
Companies with high email communication volume and phishing exposure
Organisations needing documented compliance evidence for POPIA or GDPR
C-suite and boards wanting to understand their personal risk from AI/deepfake exploitation
Organisations following a security breach or near-miss who need rapid culture improvement

Key Differentiators

  • Randomised phishing simulations every 3–5 weeks — employees never know when they're being tested
  • Monthly self-paced online training; continuous remedial training automatically assigned to defaulters
  • Quarterly instructor-led cyber awareness sessions for all staff
  • Executive Lunch-and-Learn: AI exploitation, deepfake deception, and boardroom cyber governance
  • Dark web intelligence monitoring for compromised employee credentials
  • Automated compliance reporting for cyber insurance providers and regulators
  • Measurable improvement in click rates — demonstrates ROI over time
  • POPIA and GDPR compliance evidence generation included
  • Reduces cyber insurance premium exposure by demonstrating active awareness management

Competitive Positioning

vs. KnowBe4

  • CRS Cyber Risk Essentials is a managed programme — KnowBe4 requires partner/client to manage and run campaigns
  • CRS includes instructor-led sessions and Executive Lunch-and-Learns — KnowBe4 is self-service only
  • CRS includes dark web credential monitoring alongside training — KnowBe4 does not
  • CRS programme is locally delivered with South African regulatory context (POPIA, FSCA)

vs. GoldPhish (SMBsecure Training module)

  • Cyber Risk Essentials is a full managed programme — GoldPhish is a platform tool
  • CRS adds executive coaching and quarterly live sessions beyond what GoldPhish delivers
  • Complementary: GoldPhish platform powers the technical delivery; CRS wraps the managed service layer

vs. Internal security awareness (no vendor)

  • Third-party simulations are more credible — employees know internal campaigns and dismiss them
  • CRS provides external benchmarking and compliance reporting that internal teams cannot produce
  • CRS programme frees internal IT/security staff from managing awareness campaigns

Full partner battle cards, pricing intelligence, and objection-handling guides available in the partner portal.

Partner Use Cases

Reducing Phishing Click Rates and Building a Human Firewall

A manufacturing partner's client experiences a spear-phishing attack that bypasses email filtering and compromises a finance team account. At baseline, 35% of employees click phishing simulation emails. CRS implements the full Cyber Risk Essentials programme — randomised simulations every 3–5 weeks, monthly self-paced training, quarterly instructor-led sessions, and immediate remedial training for every clicker. After six months, the click rate drops to 4% and the client demonstrates measurable security culture improvement to their cyber insurer.

Generating POPIA Compliance Evidence for a Cyber Insurer

A partner's client is renewing their cyber insurance policy and the insurer requires documented evidence of active security awareness training with measurable outcomes. CRS Cyber Risk Essentials produces monthly automated compliance reports — training completion rates, phishing simulation click rates, remedial training assignments, and improvement trend data. The partner packages these reports as part of the managed service delivery, enabling the client to satisfy insurer requirements without internal security staff overhead.

Executive Cyber Risk Briefing for C-Suite and Board

A partner uses CRS's Executive Lunch-and-Learn to open a C-suite conversation at a prospect organisation. The 90-minute facilitated session covers AI-assisted social engineering, deepfake voice and video fraud, CEO impersonation, and boardroom governance obligations under POPIA and the Companies Act. The session creates urgency at the decision-making level and results in the organisation commissioning the full Cyber Risk Essentials programme — with the partner earning the managed service contract.

Frequently Asked Questions

How often does CRS run phishing simulations?

Randomised phishing simulations are run every 3–5 weeks, ensuring employees cannot predict when they are being tested. Simulations use current threat templates relevant to South African conditions — including QR code phishing, Microsoft 365 login spoofing, CEO fraud, and SARS-themed lures. Employees who click automatically receive remedial training without requiring IT team intervention.

What does the Executive Lunch-and-Learn cover?

The Executive Lunch-and-Learn is a 90-minute facilitated session designed for C-suite executives, board members, and senior management. It covers AI-powered social engineering, deepfake voice and video fraud, vishing (voice phishing) targeting executives, boardroom governance obligations under POPIA and the Companies Act, and how executives can personally reduce their attack surface. The session is tailored to the organisation's sector and recent threat actor activity.

Does the programme generate documentation for POPIA and cyber insurance compliance?

Yes. The programme produces automated monthly compliance reports showing training completion rates, phishing click rate trends, remedial training assignments, and measurable improvement over time. These reports satisfy POPIA information officer requirements, FSCA documentation obligations, and cyber insurance underwriter evidence requirements for active security awareness management.

Can this programme help reduce cyber insurance premiums?

Many cyber insurers offer reduced premiums or improved policy terms for organisations that can demonstrate active, documented security awareness training with measurable outcomes. The Cyber Risk Essentials programme is specifically structured to generate the documentation insurers require — including click rate trend data, training completion records, and dark web credential monitoring evidence — supporting premium negotiation at renewal.

What does the dark web credential monitoring component provide?

CRS monitors dark web forums, combolists, paste sites, and infostealer marketplaces for employee credentials associated with your organisation's email domains. When compromised credentials are detected, affected employees and the security team are alerted — enabling password resets and account remediation before attackers exploit the exposure. This continuous monitoring component runs in the background between phishing simulation campaigns.

Partner Intelligence Available

Partner pricing, discount tiers, detailed battle cards, and full sales enablement content for Cyber Risk Essentials are available exclusively to authorized CRS partners.

Become a CRS Partner

Get exclusive partner pricing, sales tools, and enablement resources for Cyber Risk Essentials.

Apply for Access Partner Sign In

Vendor Website

retaliatornation.io

Talk to a Specialist

USA: +1 512 947 9770

ZA: +27 12 023 1959

info@cyberretaliatorsolutions.com