Author : admin

Which free templates for attack simulations can I use? Which free cybersecurity courses help me train my employees?

With CYBERDISE Freemium, we offer a free tool for phishing simulations. With it, you can not only run phishing exercises, but also train your employees with cybersecurity courses. And the best part is that you can edit all templates and adapt them to your specific needs – exactly as required for genuine awareness!

A new study conducted by CIO / CSO / Computerwoche (based on 324 interviews with senior IT decision-makers across DACH, conducted November–December 2025) paints a clear picture: NIS2 is reshaping how organisations think about cybersecurity. But compliance and actual resilience are still far apart.

Below are the findings we think matter most – and what they mean for how you approach security awareness and human risk.

Nearly half of all successful cyberattacks start with a negligent employee. Why is that and what can be done about it.

If you google this question, then it answers you that it’s because of ‘Falling for Phishing and Social Engineering Scams’, ‘Poor Password Management and Credential Hygiene’ and ‘Negligent Data Handling and Unsecured Devices’. Of course, these are important reasons, but this answer is much more helpful if you take a step back and realize that nearly all statements, so to speak, are about people!

And that’s how it is today, it’s proven that at least 47% [1] of successful cyber-attacks start with a careless employee and mostly with an phishing email. Why does this happen, why do employees get caught up in it? Our experience shows that there are three main reasons why employees fall for malicious emails.

It is obvious that Microsoft offers a phishing simulation tool. Unfortunately, organizations that genuinely care about having attentive employees who are well-sensitized to cyber risks are not well served by it.

The great thing about trade show season is that you get to have personal conversations with many cybersecurity specialists. And I’ve just learned from several German and Swiss mid-sized companies that they have let their contracts with their awareness vendors expire and are instead relying on Microsoft Defender Attack Simulator. After all, this product is included with E5 licenses – so why use anything else?

Behavior-oriented awareness means the primary success metric is observable risk behavior change, not knowledge completion, positive feedback scores, or course consumption.

An entire industry often offers customers products and services with little benefit. And they even buy into it!

Today in 2026, the cybersecurity awareness market will be worth around USD 6.7 billion [1]. Created just over 20 years ago, it is dominated by awareness or SAT providers, which I regard to be second generation. Companies such as Proofpoint, Terranova, Knowbe4, Sans, Sosafe, Hoxhundt, or whatever they are called, secure the lion’s share of this market, which is expected to grow to just under USD 15 billion in 2031. In addition, there are hundreds of other players, such as CYBERDISE | Cybersecurity Awareness .

What is CYBERDISE Freemium Edition?
It is a free phishing tool and learning environment where users can complete cybersecurity courses. Technically speaking, it is an attack simulator and a lean LMS including a content editor and user management.

What does the solution include?
The phishing simulator, learning management functionalities, two dozen attack templates, a dozen e-learning modules on information security, a content editor for customizing templates, and recipient management.

Some may wonder why CYBERDISE Awareness provides a free solution for phishing simulations and cybersecurity training at the highest level. Anyone who thinks this is purely for marketing purposes is completely wrong.

I need to give a bit of background so you can understand our motivation for offering a free phishing tool. It’s about effectiveness, the market, and our own standards – and yes, also about marketing 😉

The Human in an AI-Driven Threat Landscape – AI did overpass the human in writing phishing emails in 2024 – already two years ago[1]. It is therefore not surprising that nowadays, virtually all phishing attacks are created by AI agents. They write more convincing phishing, in a personalized way and they can process huge volumes of messages at almost no cost. There will always be malicious messages that outsmart even the best filters and end up in your mailbox. And these will be all the more dangerous.

So, organizations must empower the employees and IT-engineers and they should respond with the same level of AI-enabled automation. That’s why Cyberdise applies AI where it matters most