Cyber Risk Assessment: Phishing

Zero Vulnerability Infrastructure

Simplify and justify your approach to cyber security

Our cyber risk assessment services can address each of the key areas of your network environment independently or as a whole.

USERS: Assess your risk to phishing attacks and determine user awareness training needs

ENDPOINTS: Identify your risk to unknown devices connected to your network

INFRASTRUCTURE: 99% of vulnerabilities are known – identify, prioritise and patch them

PERIMETER & APPLICATIONS: What applications are being used, are they a risk and have you been infected by malware

Cyber Risk Assessment: Phishing

This cyber risk service enables you to understand your organisations exposure to phishing attacks, allowing you to implement sufficient staff training and cyber security enhancements.

KHIPU uses simulated phishing attacks to assess how users react to phishing emails so that the right level of awareness training can be provided to educate them on cyber security and breach prevention (both personal and work related). 

Each assessment is conducted and managed by our dedicated cyber security teams – ensuring the cyber risk service meets all objectives and has meaningful outcomes.

Goal: To understand your organisations risk to phishing attacks to determine staff awareness training needs and required cyber security enhancements

Focus: Using simulated phishing attacks to assess how users react to phishing emails and provide awareness training services to educate them on cyber security

Outcomes: A prevention report that details all findings with best-practise recommendations for on-going prevention and protection against cyber-attacks. The report will be reviewed with KHIPU and you, as part of our strategic alignment with your organisation.


  • Users: Do they open phishing emails, click links, download attachments and share credentials via websites
  • Infrastructure: Are email systems, spam filters, firewalls, perimeter security systems etc configured correctly or capable of protecting against phishing attacks
  • Devices: What operating systems, web browsers and plug-ins are being used, are they vulnerable to drive-by and file-less phishing attacks
  • Validation: Comparisons after regular simulations and awareness training to determine effectiveness and measure success


  • Regular simulated phishing attacks with continual cyber security awareness training incl. portals and classroom training
  • Advanced endpoint protection to protect users and their devices against zero-day malware/ransomware attacks delivered by emails with infected attachments
  • Credential theft protection – protecting the user from sharing confidential information via phishing websites
  • Email protection | Email security – protect against threats such as email fraud, phishing, spam, bulk email and viruses
  • Best practice email configuration: SPF, DKIM and DMARC

Request your cyber risk assessment

Each of our cyber risk assessment services can be purchased separately or as a whole, to address your priority areas. To request a quote or for further information, please complete the form and one of our cyber security consultants will contact you.

Register to a 15-minute webinar

Understand more in just 15 minutes ! Join one of our webinars, where we explain our Zero Vulnerability Infrastructure offering and each of the cyber risk assessments. Register here.

Public Sector Purchasing Frameworks

For public sector organisations, please visit here as these services are available via direct award through national frameworks.