Theo Zafirakos on using simulation for cybersecurity

Theo Zafirakos on using simulation for cybersecurity

The risk of cyberattack can be reduced by improving user behaviour, while interactive education can help build a security-aware organisational culture, says Fortra’s chief information security officer

Alice Chambers |


Simulation is used by us all in our daily lives – be it a weather forecast or fire drill – to prepare ourselves for potential risk. There are widespread applications in industry too, ranging from crash test dummies in automotive to the modelling of medical procedures in healthcare.  

Enterprises in all sectors can benefit from simulation for their cybersecurity. Security solution provider Fortra uses it to educate employees and thereby help organisations reduce their risk of attack.  

“We believe in empowering people,” says Theo Zafirakos, chief information security officer at Fortra’s Terranova Security. “When people are informed, educated, supported and empowered, they do amazing things. Give people the appropriate security awareness training, tools and support, and together we can build a cyber secure and aware culture.” 

Fortra works with its customers to define security awareness programmes that aim to reduce their business risk levels. It provides courses on a variety of topics including eliminating unsafe end user behaviours, reducing cyber risks and keeping sensitive information safe. 

“Before they come to us, many organisations have nothing in place or only have reactive processes for when their cybersecurity is put at risk,” says Zafirakos. “It largely boils down to their users, who are often not aware of the threats they face when using technology and the internet.” 

Cloud security is more important now than ever before, Zafirakos points out. The Covid-19 pandemic has boosted the growth of remote work – the International Labour Organization reports that more than 70 per cent of full-time workers in Europe are now choosing to work from home, compared to just 5.4 per cent in 2019. This means that more people are interacting with multiple cloud services, often over unsecured networks.  

“Some of the most significant risks to cloud computing come from user behaviours,” says Zafirakos. “Managing these risks starts with having robust guidelines for cloud usage and security. Now, more than ever, cybersecurity relies on effective education more than technology. Firms can prevent and reduce security breaches, attacks and downtime by providing up-to-date, fun and interactive awareness activities.” 

Fortra develops training programmes that include progress tracking, phishing simulations and gamified activities so that organisations can reduce security breaches caused by user behaviour. 

“Simulations ensure employees can detect and avoid cyber threats like phishing, social engineering and ransomware,” says Zafirakos. “These interactive tests can be part of any security awareness training programme, facilitating the process of detection, reducing risk, building threat resilience and creating a security-aware organisational culture. 

“Simulations are most effective when they leverage real-world cyber threats that users may encounter. Within a safe environment, employees can learn how to detect and avoid phishing attacks so that organisations can leverage their results to adjust their future awareness efforts and improve their security as a whole.” 

Fortra believes that the key to combatting rapidly developing security threats is to raise security awareness within businesses and for them to seek support from trusted security partners that evolve with the growing cybersecurity landscape.  

“Fortra invests enormous energy into researching and developing so that it can help its customers rapidly adopt new capabilities and improve internal programmes,” says Zafirakos. “We use our partnership with Microsoft to stay up to date with the most recent threat insights and then use this data to create our awareness training and simulations. This is why Microsoft relies on us to build online training modules – such as phishing on Microsoft Teams – to provide engaging ways to reduce the risk of future security breaches.”  

This article was originally published in the Spring 2023 issue of Technology Record. To get future issues delivered directly to your inbox, sign up for a free subscription

Subscribe to the Technology Record newsletter


  • ©2024 Tudor Rose. All Rights Reserved. Technology Record is published by Tudor Rose with the support and guidance of Microsoft.