But here’s the catch: the rhyme isn’t always reliable. Snake patterns vary by region, and relying on one simple rule can still lead to danger.

Cyber security is no different.

We often expect staff to instantly recognise the difference between:

• A genuine email and a phishing attempt
• A safe document and one carrying hidden malware
• A legitimate login page and a fake one

To most employees, they look identical. And just like the snake rhyme, simple rules help — but they’re not always enough. Attackers evolve, tactics change, and what looked safe yesterday might be dangerous tomorrow.

Every year at Infosec, we hear the same pitch: “Buy this tool and it will solve all your problems.”

That’s modern snake oil. There is no silver bullet. No product that magically fixes cyber security. Real protection comes from a mix of people, process, and technology. We need training and monitoring that work all year round, not just during cyber security awareness month.

That’s why our industry exists, whether it’s a services provider like us, or internal security operation teams. We are there to focus on the details: look-alike domains, documents that behave strangely, logins from unusual places. To us, these stand out as clearly as “red touches yellow.”

Attacker groups are masters of reinvention.

One month they vanish, the next they reappear under a new name with a new brand, but it’s the same operators, the same tactics, the same venom underneath.

This is why chasing names or branding doesn’t solve the problem. Whether it’s Conti, LockBit, BlackCat, or the next group to emerge, what matters is recognising the underlying behaviours and preparing for the bite.

This cyber security awareness month, we’ve been talking about these challenges. But awareness can’t stop here.

We need to give our users the tools, training, and support all year round.