Cyber Security Training & Software for Companies | MetaCompliance


Discover our suite of personalised Security Awareness Training solutions, designed to empower and educate your team against modern cyber threats. From policy management to phishing simulations, our platform equips your workforce with the knowledge and skills needed to safeguard your organisation.

Cyber Security eLearning

Cyber Security eLearning to Explore our Award-Winning eLearning Library, Tailored for Every Department

Security Awareness Automation

Schedule Your Annual Awareness Campaign In A Few Clicks

Phishing Simulation

Stop Phishing Attacks In Their Tracks With Award-Winning Phishing Software

Policy Management

Centralise Your Policies In One Place And Effortlessly Manage Policy Lifecycles

Privacy Management

Control, Monitor, and Manage Compliance with Ease

Incident Management

Take Control Of Internal Incidents And Remediate What Matters



Explore the versatility of our solutions across diverse industries. From the dynamic tech sector to healthcare, delve into how our solutions are making waves across multiple sectors. 

Financial Services

Creating A First Line Of Defence For Financial Service Organisations


A Go-To Security Awareness Solution For Governments


A Security Awareness Training Solution For Large Enterprises

Remote Workers

Embed A Culture Of Security Awareness - Even At Home

Education Sector

Engaging Security Awareness Training For The Education Sector

Healthcare Workers

See Our Tailored Security Awareness For Healthcare Workers

Tech Industry

Transforming Security Awareness Training In The Tech Industry

NIS2 Compliance

Support Your Nis2 Compliance Requirements With Cyber Security Awareness Initiatives



From posters and policies to ultimate guides and case studies, our free awareness assets can be used to help improve cyber security awareness within your organisation.

Cyber Security Awareness For Dummies

An Indispensable Resource For Creating A Culture Of Cyber Awareness

Dummies Guide To Cyber Security Elearning

The Ultimate Guide To Implementing Effective Cyber Security Elearning

Ultimate Guide To Phishing

Educate Employees About How To Detect And Prevent Phishing Attacks

Free Awareness Posters

Download These Complimentary Posters To Enhance Employee Vigilance

Anti Phishing Policy

Create A Security-Conscious Culture And Promote Awareness Of Cyber Security Threats

Case Studies

Hear How We’re Helping Our Customers Drive Positive Behaviour In Their Organisations

A-Z Cyber Security Terminology

A Glossary Of Must-Know Cyber Security Terms

Cyber Security Behavioural Maturity Model

Audit Your Awareness Training And Benchmark Your Organisation Against Best Practice

Free Stuff

Download Our Free Awareness Assets To Improve Cyber Security Awareness In Your Organisation

MetaCompliance | Cyber Security Training & Software for Employees


With 18+ years of experience in the Cyber Security and Compliance market, MetaCompliance provides an innovative solution for staff information security awareness and incident management automation. The MetaCompliance platform was created to meet customer needs for a single, comprehensive solution to manage the people risks surrounding Cyber Security, Data Protection and Compliance.

Why Choose Us

Learn Why Metacompliance Is The Trusted Partner For Security Awareness Training

Employee Engagement Specialists

We Make It Easier To Engage Employees And Create a Culture of Cyber Awareness

Security Awareness Automation

Easily Automate Security Awareness Training, Phishing And Policies In Minutes


Meet the MetaCompliance Leadership Team


Stay informed about cyber awareness training topics and mitigate risk in your organisation.

NHS Cyber Attack – Everything you need to know


about the author

Share this post

As you will most likely be aware, an unprecedented ransomware incident took place on Friday across NHS hospitals. It is reported to have been found in around 100 countries and affected around 75,000 machines (and these figures were still increasing as we went to press.)

To help we thought we’d put together an anatomy of how it occurred, gathered from a range of different sources, to help you gain a better understanding of how it occurred and how it became so widespread so quickly.

But first, we hope that you could turn on your computer today without it being infected by malware, as many thousands across the globe won’t be so fortunate. It’s worth letting your friends and colleagues on Windows know that it’s important for their system to be fully patched with the “MS17-010” security update –

Email awareness

It’s likely that this whole attack kick started with a spamming attack. Multiple news agencies have reported that the malware that triggers the ransomware was installed after a user opened a word document that contained macros.

NHS Cyber Attack - Everything you need to know

For those of us involved in the cyber security space these attacks are commonplace. However, this one is unique in just how widespread it has become. The attack continued across the weekend, with Chinese state media reporting that 29,000 institutions across China having been infected by the global ransomware cyberattack. This has also continued into Monday morning with the Federal Government in Australia confirming that private businesses have been hit by the ransomware attack.

The Attachment of Doom!

So, once the email lands, and the user opens the attached documents – it’s game over!

Several things may have happened:

First, it is likely that once launched, the malware will have resent itself out to all the contacts in the users email contact list. This is one reason why the malware could travel so far, so fast.

Then the Malware will have installed itself on the local machine. This would most likely have also triggered the ransomware on the local machine. This particular variant of ransomware goes by a number of names – WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY. It encrypts every local file that it can and will display a screen like this:

NHS Cyber Attack - Everything you need to know

The idea is that once the encryption takes hold the user needs to pay to gain access to their files again. The amount requested is $300. If they haven’t paid in 72 hours, the amount doubles. And if they haven’t paid inside a week, the files will all be deleted. Of course – as with all ransomware, there is no guarantee that payment will result in the decryption of files. Payment is to be made using Bitcoins – for more on this digital currency see here


Don’t let the name fool you, the name EternalBlue should be striking fear into a lot of organisations right now. Sometime in the past the National Security Agency in the U.S. found a flaw in certain versions of Microsoft Windows which allowed them to access the machine remotely and install software. In a bizarre turn of events, earlier this year, the NSA themselves were hacked and the hackers found details of this flaw and a range of others. Once this became public knowledge, Microsoft released a patch for all supported versions of Windows.

However, there are several versions for which patches were not released – most notably Windows XP and Windows Server 2003. The malware that arrived last Friday was able to scan organisations network for machines which were running these unsupported versions of Windows, and then use this exploit (code named ‘EternalBlue’) to install itself across the network onto the detected machine, thus encrypting that machine.

This technique is another reason that the problem was able to spread so fast. It is also a main reason why the NHS was so hard hit. The NHS is notorious for using outdated software and operating systems – even for some of its most crucial systems.

One final thing to mention. You may have read the reports about the ‘accidental hero’ who has managed to stop any further machines becoming infected. It seems that before the ransomware takes effect and encrypts the machines, it ‘checks’ in with an internet domain. The domain is ‘’.

Essentially, the virus checks to see if that website is live, and if it is – the virus exits instead of infecting the machine. This seems to be a kill switch which the hackers have included to allow them to kill the ransomware campaign if they needed to. The domain above was never registered and so that website would not have been live. But one security analyst registered the domain (for a fee of £8), and this brought the website into existence and so the ransomware will no longer infect any more machines.

However, the hackers can make minor tweaks to their code and release the ransomware again without this kill switch. The effects of this could be far more devastating than what we saw on Friday.

NHS Cyber Attack - Everything you need to know

Only time will tell if these attacks escalate, or if we’ve seen the worst of EternalBlue. However, phishing attacks will continue to occur. To avoid your company getting caught up in a global incident in the future, you may want to invest in our specialist phishing simulation software – MetaPhish that increases your employees’ sensitivity to fraudulent emails. We also have an Essential Phishing Awareness eLearning course which covers how to correctly identify a phish and what to do when you spot one. 

Talk to us today for more information on how you could save your organisation from a phishing attack.

Other Articles on Cyber Security Awareness Training You Might Find Interesting