Sky escalated the email, A breach was avoided

No breach. No fallout.

No panicked calls from Baz.
Sky forwarded the email. Baz confirmed the threat.
And that was the end of it.

But not really.

Because that decision, to stop, to ask, to escalate, isn’t the norm in many businesses.

For a new starter without guidance, the odds were stacked against Sky.
No training. No clear process. No encouragement to question.
And that's exactly how breaches happen.

Sky had no formal security awareness during onboarding.
No one explained what a phishing email might look like.
There was no clear policy for reporting suspicious messages.
Sky made the right call, not because they were trained, but because they trusted their instinct.

And that’s rare.

Baz messages again later:

“Nice catch, by the way. That file’s fooled a few people before.”

Jo hears about it, too. Quiet praise.
Nothing showy, just a nod that Sky’s decision helped avoid something far worse.

The real lesson?

Cybersecurity isn’t just about firewalls and filters.
It’s about behaviour.
And today, Sky chose awareness, despite the gaps.

Real-world reflection:

This scenario mirrors a common attack pattern used against businesses every day.

A name-drop.
An attachment.
A call for urgency.
A moment of hesitation.

Under the NCSC's Cyber Essentials, organisations and staff should:

Train staff to recognise phishing threats
Create a culture of confident escalation
Include practical cyber awareness in onboarding
Protected by process, not left to guess

Sky didn’t guess.
Sky acted.
In this case she succeeded, but not everyone would have.

What’s next?

Shadow File #002 – Glitch in the Routine… coming soon...

Stay in the Loop

New Shadow Files are coming soon; where your decisions shape the story.
Sign up to be the first to know when a new case goes live.